Here's The Most Ironic Thing About Target's Massive Credit Card Hack
Flickr/B Rosen
"As this is an ongoing investigation, we don't have information to share at this time," a Target spokesperson told us when we asked.
Now Brian Krebs, the security blogger that broke the story, has a theory, detailed in a blog post, based on info confirmed by Target, other news reports and his own sources.
What we know is that hackers installed malware on the devices used to scan your credit cards, called Point-of-Sale (POS) systems. Target CEO's confirmed this in an interview with CNBC.
The malware involved something called "memory-scraping," Reuters reported. That means that the moment you swipe your card the malware grabbed your credit card info.
This POS malware seems to be a known variety, spotted as early as June, 2013, Krebs says. It looks like something called BlackPOS that sells on hacker forums for $1,800-$2,300.
Hackers can sell the credit card numbers for $35 - $100 each. Gold or platinum credit cards go for $60 each, business credit cards $80 and some platinum cards, $100, Cisco security researcher Levi Gundert wrote this week in a blog post. That's a stunning potential payback on a $2,300 piece of software.
Krebs sources say that hackers broke into Target's network through a Web server and planted the malware onto the devices from the network.
Then they allegedly used one of Target's own computers to store the stolen credit card numbers and accessed this computer remotely to collect the numbers.
If that's true, it means that hackers didn't just break in once. It means they hopped onto Target's network whenever they pleased.
If Target's POS systems had used encryption, the hackers wouldn't have been able to get the credit card numbers even if they successfully installed malware, Gundert says.
And now for the irony: The BlackOS malware includes encryption. The thieves could protect the stolen credit card numbers with the exact tech that would have prevented them from getting the numbers in the first place.
- Global stocks rally even as Sensex, Nifty fall sharply on Friday
- In second consecutive week of decline, forex kitty drops $2.28 bn to $640.33 bn
- SBI Life Q4 profit rises 4% to ₹811 crore
- IMD predicts severe heatwave conditions over East, South Peninsular India for next five days
- COVID lockdown-related school disruptions will continue to worsen students’ exam results into the 2030s: study
- JNK India IPO allotment date
- JioCinema New Plans
- Realme Narzo 70 Launched
- Apple Let Loose event
- Elon Musk Apology
- RIL cash flows
- Charlie Munger
- Feedbank IPO allotment
- Tata IPO allotment
- Most generous retirement plans
- Broadcom lays off
- Cibil Score vs Cibil Report
- Birla and Bajaj in top Richest
- Nestle Sept 2023 report
- India Equity Market