Investigators are now evaluating the “BlackPOS” malware kit, which was likely used as a starting “base” for recent massive credit card attacks. It is believed that cyber-thieves ramped up this basic exploit kit (sold for $2000) into a large-scale, well-planned, and highly sophisticated attack on Target and other retailers.
QUOTE: The Holiday data breach at TARGET appeared to be part of a broad and highly sophisticated international hacking campaign against multiple retailers, involving the heist of possibly 110 million Credit-Debit cards, and personal information. Target confirmed last weekend that malicious software was embedded in point-of-sale (POS) equipment at its checkout counters to collect secure data as the credit cards were swiped during transactions.
The malware called ‘BlackPOS’, also known as “reedum” or ‘Kaptoxa’, is an effective crimeware kit that was created in March 2013 and is available on underground sites for $1800-$2000. Investigators from IntelCrawler found a 17-year-old hacker who actually developed the BlackPOS crimeware kit. BlackPOS is a RAM-scraping malware totally written in VBScript, i.e., it copies credit-card numbers from point-of-sale machines’ RAM in the instant after the cards are swiped and before the numbers are encrypted.