Target breach linked to global cybercrime: researchers
Published on Jan 18, 2014 2:10 AM
WASHINGTON (AFP) - The massive data breach at US retailer Target is probably linked to a broader global network of cybercrime that may have affected other merchants, security researchers said.
US security firm iSight Partners concluded that the hackers who stole data on as many as 110 million Target customers comes from "a new piece of malicious software," which "has potentially infected a large number of retail information systems," according to a statement Thursday from the company, which has been working with US authorities.
A separate report by the Israeli-based firm Seculert said an analysis of the malware showed the attack "had two stages, which is a well known attribute of an advanced threat." The malware first infected Target's checkout counters to extract credit numbers and sensitive personal details, "then after staying undetected for six days, the malware started transmitting the stolen data to an external FTP server, using another infected machine within the Target network" Seculert said.
Seculert said the hackers used a virtual private server (VPS) located in Russia to download the stolen data and "continued to download the data over two weeks." But the firm found no evidence of a link to other retailers such as Neiman Marcus, which was also compromised.
To continue reading, log in if you are a subscriber
Enjoy 2 weeks of unlimited digital access to The Straits Times. Get your free access now!