Retail store malware pinpointed in holiday hacking attacks

Retail store malware identified; how it was apparently used to steal credit info

A private company revealed Thursday how, apparently, hackers were able to hit Target at the height of the holiday shopping season. Forty million credit and debit card accounts were compromised and as many as 70 million customers had their personal information stolen.

The private security firm iSight Partners reports that computer hackers are using a type of malware, or malicious software called KAPTOXA to steal credit card information where customers swipe or enter their credit card information. 

CBS
  While the report does not mention Target specifically, law enforcement sources say the theft at Target helped investigators track and identify the malware. But it’s not just Target. The report says multiple retailers are being attacked and calls this form of KAPTOXA among the most dangerous ever used.

Tiffany Jones, vice president of iSight Partners spoke to CBS News by phone. She said, “What's unique about it is, it's the first time we've seen this attack at this scale and sophistication in terms of the overall operation of cyber criminals.” 

CBS
 The iSight report confirms this malware knows how to cover its tracks. Jones said, “The particular variant of malware that we talk about was not detectable by typical antivirus solutions.”

In a separate report, the Department of Homeland Security released a set of technical instructions alerting the nation’s retailers how to detect and stop this malware, but officials are concerned some retail chains are still under attack and don't know.

f

We and our partners use cookies to understand how you use our site, improve your experience and serve you personalized content and advertising. Read about how we use cookies in our cookie policy and how you can control them by clicking Manage Settings. By continuing to use this site, you accept these cookies.