light bulb

Did You Know?

Posts: 9,887
Topics: 704
Kudos: 9,491
Registered: ‎02-03-2012

A First Look at the Target Intrusion, Malware

01-11-2013 3-54-04 PM.png


Last weekend, Target finally disclosed at least one cause of the massive data breach that exposed personal and financial information on more than 110 million customers: Malicious software that infected point-of-sale systems at Target checkout counters. Today’s post includes new information about the malware apparently used in the attack, according to two sources with knowledge of the matter.

The seller of the point-of-sale "memory dump" malware used in the Target attack.

The seller of the point-of-sale “memory dump” malware allegedly used in the Target attack.

In an interview with CNBC on Jan. 12, Target CEO Gregg Steinhafel confirmed that the attackers stole card data by installing malicious software on point-of-sale (POS) devices in the checkout lines at Target stores. A report published by Reuters that same day stated that the Target breach involved memory-scraping malware.

This type of malicious software uses a technique that parses data stored briefly in the memory banks of specific POS devices; in doing so, the malware captures the data stored on the card’s magnetic stripe in the instant after it has been swiped at the terminal and is still in the system’s memory. Armed with this information, thieves can create cloned copies of the cards and use them to shop in stores for high-priced merchandise. Earlier this month, U.S. Cert issued a detailed analysis of several common memory scraping malware variants.

Target hasn’t officially released details about the POS malware involved, nor has it said exactly how the bad guys broke into their network. Since the breach, however, at least two sources with knowledge of the ongoing investigation have independently shared information about the point-of-sale malware and some of the methods allegedly used in the attack.


Full Article





Webroot® SecureAnywhere™ Internet Security Complete Beta Tester v9.0.6.19 on my main system Alienware 17R2, Windows 10 Enterprise x64 (Build 10586) & HTC One M8 Android Lollipop 5.0.1 Phone v3.7.0.7200.

MVP.gif.pngMicrosoft® MVP Consumer Security

Twitter1.png  Untitled-1.png  WBA.png  

Posts: 7,156
Kudos: 7,866
Registered: ‎10-28-2012

Re: A First Look at the Target Intrusion, Malware

Very informative and interesting read. Thanks TH!



New to the Community? Register now and start posting!

Helpful Webroot Links:

Download (PC)   Download (Best Buy Subscription)   Submit Trouble Ticket   Account Console   User Guides   

"If you don't learn something new every day, you need to pay more attention. I often get my daily learning here so grab a chair and stay a while!"

WSA-Complete (Beta PC), WSA Mobile (Android), WSA Business Mobile (Android) WSA-Endpoint (PC- Some of the time.....)