Dive Brief
- The memory-scraping malware used to obtain customer information at Target point-of-sale units appears to be related to BlackPOS, code that is cheap ($2,300 for a “full” version) and easily available on cybercrime forums, and that has been around since at least early 2013.
- BlackPOS is somewhat crude but highly effective in capturing information from swiped credit cards and debit cards, according to Brian Krebs, who spoke with sources familiar with the investigation.
- Sources told Krebs the same malware was likely used in the Neiman Marcus breach announced this week and in credit-card breaches at other U.S. retailers that have not yet been officially disclosed.
Dive Insight
Though Target itself hasn’t revealed details of how the breach occurred, unnamed sources have revealed a rich trove of information about the malware that was used, which was apparently cheap and easy to obtain. The latest news underlines how open and vulnerable Target’s servers were, and that many U.S. retailers likely remain vulnerable in exactly the same way.