After Target breach, Homeland Security warns retailers

Investigators probing the recent holiday season cyberattack are warning retailers about sophisticated malware that potentially affected a large number of stores.

By Evan Perez and Gregory Wallace  @CNNMoney

A homeland security official said Thursday that the malware is described in a government report that has been distributed to retailers.

The warning follows a massive breach at Target that compromised credit card numbers and other personal information on up to 110 million customers.

A private firm working on the investigation, iSIGHT Partners, said the hackers behind the malware “displayed innovation and a high degree of skill in orchestrating the various components of the activity.”

“It’s not necessarily the specific malware components individually that make this new or sophisticated, but it’s really the size or scale of this operation at large that makes this unique,” said Tiffany Jones, senior vice president at iSIGHT Partners.

The malware infects individual point of sale devices. It monitors data processed on the device, then transmits that data outside of the retailer, she said.

It is especially hard to detect because it deletes records that could tell investigators it fraudulently transmitted the data, Jones added.

The “malicious software has potentially infected a large number of retail operations,” Jones told CNNMoney.

Jones declined to name specific retailers infected with the malware, but her description of its function is in line with experts’ understanding of the Target hack. A spokeswoman for Target did not immediately respond to a request for comment.

“We’ve seen various types of malware that have done that, but its the first time that we’ve seen this attack at this scale of criminal operation,” she said. The malware manages to “covertly subvert network controls” and avoids current anti-virus software.

continue reading »

More News