Hackers used cheap, off-the-shelf malware to breach security at U.S. Target stores and compromise data for more than 110 million customers, a tech website said.
Target confirmed last weekend malicious software was embedded in point-of-sale equipment at its checkout counters to collect secure data as credit cards were swiped during transactions. Brian Krebs, of the Krebs on Security website, reported Thursday the malware has been determined to be BlackPOS -- also known as "reedum" -- which uses a memory-scraping technique to collect secure data, temporarily stored in Windows OS computers during a transaction.
BlackPOS likely comes from Russia, and can be bought for about $1,800, Forbes reported.
Data on cards' magnetic stripes are encrypted when sent from POS terminals to financial institutions for verification but the memory-scraping malware snags the information while it is temporarily "parked" as plain text in POS terminals.
:max_bytes(150000):strip_icc():focal(734x126:736x128)/derek-chauvin-stabbed-in-prison-112423-5c52f3bf68204064839d725e8d9bfe23.jpg)
Derek Chauvin, the former Minneapolis police officer convicted of murdering George Floyd, was stabbed by another...
O.J. Simpson's estate agreed to pay nearly $58 million to Ron Goldman’s father, decades after the...
