Skip to comments.17 year old fingered as author of malware used in Target attack
Posted on 01/18/2014 9:03:36 AM PST by Sub-Driver
January 18, 2014 17 year old fingered as author of malware used in Target attack Rick Moran
A 17 year old Russian hacker who goes by the online handle of "ree4" has been identified as the author of the malware that was used to attack Target and Neiman Marcus.
The teenager, Sergey Taraspov, is well known in cyber crime circles having developed other malicious codes to hack commercial systems. He apparently sold about 40 copies of his program to criminals who then modified it slightly and used it to sweep up at least 80 million debit and credit card numbers from Target alone.
Now, the firm that first revealed the Target attack, is saying that 6 other companies suffered a similar fate.
Clements said IntelCrawler is "90 percent" sure of its finding, based on the forum postings and sources it communicated with.
The forum posts indicate the teenager sold the malware for $2000 or for a share of the profits that came from monetizing stolen payment card details, Clements said.
BlackPOS was also sold to "carding" websites such as .rescator, Track2.name and Privateservices.biz that trade in stolen card details, according to IntelCrawler.
BlackPOS was originally called Kaptoxa, which is Russian slang for potato. Clements said the Russian teenager eventually renamed the malware BlackPOS during a fresh marketing push.
Dallas-based security company iSight Partners wrote in a report earlier this week on the Target hack, which it called the "Kaptoxa operation." It says the hackers used a high level of skill to gain stealthy access to the retailer's network.
International Business Times is reporting that the 6 other companies targeted in the hack have not informed their customers yet:
(Excerpt) Read more at americanthinker.com ...
Sounds like some computer security company needs to hire this kid...fast.
Burn him on a bonfire of credit cards!
OK, let’s get serious. Why do private hackers seem to have more of a clue than our spies and our crime investigators and crime prevention counselors. Maybe because the reward structure is more straight forward, if unethical.
Am I in a daze or what ?
That’s what I thought too... he should give back, rather than stealing.
... and they’re all kids ... ain’t even STARTED life yet !
Looks like he has a big future with some software outfit designing protection software to keep hackers and malware attacks out.
Maybe your friends aren’t Target shoppers, or did not shop Targets that were affected by the crimes? I don’t know a lot about the Target crimes.
All I can say is wow these hackers know a lot, if using the knowledge for evil reasons.
Someone like Kaspersky should hire him (to be sure, with folks looking over his work discreetly to be sure he does stay honest).
What would really be great is if MICROSOFT would hire him, and take some of his advice.
All I'm saying is ... (because I don't subscibe to sat or cable), the three channels I DO get, when I feel like listening, has only reported how many of millions were, and possibly more than, hacked .... and how terrible ... and now we go to Jonnelline for suggestions to protect yourself ... Jonelline ?
we were victims of this fraudulent charges made to our card alerted by company and needed to get new cards...
I think the card companies are now pretty savvy at disabling cards quickly. Obviously they had a complete list of compromised accounts.
Whack ‘em. Find ‘em and whack ‘em.
Someone like Kaspersky should hire him
who says they haven’t already hired him to do just this kind of stuff?
Busienss is business in Russshia..
They’ll like his sweet little back side in prison.
That would be sad, but not impossible.
But drumming up more virus business is kind of like bringing more snow to Alaska.
If true, there may never be a compromised card, but frequency analysis might eventually let the attackers do something.
Triple-DES is considered unbreakable today.
They’ll force him to show them how to hack the prison commissary!