Skip to comments.17 year old fingered as author of malware used in Target attack
Posted on 01/18/2014 9:03:36 AM PST by Sub-Driver
January 18, 2014 17 year old fingered as author of malware used in Target attack Rick Moran
A 17 year old Russian hacker who goes by the online handle of "ree4" has been identified as the author of the malware that was used to attack Target and Neiman Marcus.
The teenager, Sergey Taraspov, is well known in cyber crime circles having developed other malicious codes to hack commercial systems. He apparently sold about 40 copies of his program to criminals who then modified it slightly and used it to sweep up at least 80 million debit and credit card numbers from Target alone.
Now, the firm that first revealed the Target attack, is saying that 6 other companies suffered a similar fate.
Clements said IntelCrawler is "90 percent" sure of its finding, based on the forum postings and sources it communicated with.
The forum posts indicate the teenager sold the malware for $2000 or for a share of the profits that came from monetizing stolen payment card details, Clements said.
BlackPOS was also sold to "carding" websites such as .rescator, Track2.name and Privateservices.biz that trade in stolen card details, according to IntelCrawler.
BlackPOS was originally called Kaptoxa, which is Russian slang for potato. Clements said the Russian teenager eventually renamed the malware BlackPOS during a fresh marketing push.
Dallas-based security company iSight Partners wrote in a report earlier this week on the Target hack, which it called the "Kaptoxa operation." It says the hackers used a high level of skill to gain stealthy access to the retailer's network.
International Business Times is reporting that the 6 other companies targeted in the hack have not informed their customers yet:
(Excerpt) Read more at americanthinker.com ...
Sounds like some computer security company needs to hire this kid...fast.
Burn him on a bonfire of credit cards!
OK, let’s get serious. Why do private hackers seem to have more of a clue than our spies and our crime investigators and crime prevention counselors. Maybe because the reward structure is more straight forward, if unethical.
Am I in a daze or what ?
That’s what I thought too... he should give back, rather than stealing.
... and they’re all kids ... ain’t even STARTED life yet !
Looks like he has a big future with some software outfit designing protection software to keep hackers and malware attacks out.
Maybe your friends aren’t Target shoppers, or did not shop Targets that were affected by the crimes? I don’t know a lot about the Target crimes.
All I can say is wow these hackers know a lot, if using the knowledge for evil reasons.
Someone like Kaspersky should hire him (to be sure, with folks looking over his work discreetly to be sure he does stay honest).
What would really be great is if MICROSOFT would hire him, and take some of his advice.
All I'm saying is ... (because I don't subscibe to sat or cable), the three channels I DO get, when I feel like listening, has only reported how many of millions were, and possibly more than, hacked .... and how terrible ... and now we go to Jonnelline for suggestions to protect yourself ... Jonelline ?
we were victims of this fraudulent charges made to our card alerted by company and needed to get new cards...
I think the card companies are now pretty savvy at disabling cards quickly. Obviously they had a complete list of compromised accounts.
Whack ‘em. Find ‘em and whack ‘em.
Someone like Kaspersky should hire him
who says they haven’t already hired him to do just this kind of stuff?
Busienss is business in Russshia..
They’ll like his sweet little back side in prison.
That would be sad, but not impossible.
But drumming up more virus business is kind of like bringing more snow to Alaska.
If true, there may never be a compromised card, but frequency analysis might eventually let the attackers do something.
Triple-DES is considered unbreakable today.
They’ll force him to show them how to hack the prison commissary!
That’s something I hadn’t heard, but it sure does look like “theft of useless data” if so. Target was doing exactly what it ought to have done, and deserves kudos in this case.
The new breed of quantum computer may eventually get to the place where it can take on daunting encryption problems, but it’s got a way to go.
We still haven't heard who the other 3 “mall type” stores that were also hacked.
The PINs for all debit card transactions are Triple-DES encrypted, NOT the rest.
My bad. The PINs of all debit cards were Triple-DES encrypted, not the rest.
Well that’s a different kettle of fish. Someone could forge a charge with just the card number.
And since PINs are 4 digits long, a random run would be able to ding 1 in every 10,000 cards.
"Look Sergei, we're not asking you to spy. We're asking you to steal."
I'm willing to bet that some research will turn up he's either from, or has family in the Chechen region and ties to a muslim radical group.
Anyone want to take that bet?
You may be interested in this post on another thread: http://www.freerepublic.com/focus/f-news/3112981/posts?page=55#55
The poster, Freeper USC explains in more detail what happened at Target. Microsoft isn’t the company that needs the security lesson.
That name sounds about as authentically Roosky as Jones is authentically British/American. A Google for Taraspov and Chechnya turned up NO hits. (A guy named Tarasov is an advisor to the [Russian] prime minister of Chechnya.)
I wish the penalty for these types of crimes were as severe as 2nd degree murder. (If I were king, I would make it a capital offense)
The bank obviously (they DID tell me they had never seen that destination before and thus tried to alert me) knows my activities and because I did not respond to an alert within 24 hours, they refused the pymt and froze my card
A pain in the ass, but at a time when I was paying a bill, that was MOST appreciated.
IF then, the hackers know they can't actually USE the numbers ... I can only guess they're schooling themselves for (I hope .. ) that big, take out the governmet (IMF?, FedRes? ..) hustle that saves real, little people and crushes the enemy, rogue government.
I'll probably (I hope) be dead by the time it all comes to a head.
If not ...
It would help if Microsoft were more up on this.
They probably want to sell a more advanced version of embedded Windows rather than advising current license holders. But being too pinchy about the pennies hurts their reputation.
GNU/Linux would have been a harder target.
Good thought ... ain’t takin’
I think this is bs also. Had heard that this was an inside job and that is probably true at some level. I wonder how much the credit rating companies profit off of this when millions are compromised. I had to pay up last year when someone used a card of mine at a sears and I found out about it like a year later. I had to spend around 70 or 80 dollars at the big 3 credit rating companies. I can only imagine they love this kind of thing. I would wonder at the long term agenda as the public is made to believe more security is needed and oversight from government is needed to keep us safe from reckless 17 year olds and identity thieves.
I guess we can thank the NSA for keeping us secure.
Has anyone suggested he be hired by obamacare yet? Posting before I look and count how many!
Until the Tsarnaev brothers bombed the Boston Marathon, there were no google hits for that name in Chechnya either.
Not so sure I'd want to take the bet based on a google search.
Google knows alot, it doesn't know everything.
BAZINGA!! Post of the day. WTG NSA! You missed another one scooping up all our emails, texts and phone calls .... chuckleheads!
I’m sorry you didn’t have time to read USC post.
Just a first stab, and as you say there are counter examples. (If it IS a counter example... I’m curious who did that retrospective Google for Tsarnaev... does Google have Wayback capability? Don’t want to just be tooting our horn in vain.)
Unfortunately I *did* read it. And that’s my reaction. Old Windows, not updated. And so?? If Microsoft wants to keep a reputation it won’t just sit on its hands.
Or never shop with any company that
uses Internal facing microsoft servers.
Everyone has room to raise their ethics quotient here.
Wasn’t it recently that Kerry was gifting potatoes to Russian diplomats? It seemed odd at the time, not so much now.
I can only speak to the days following the Boston Bombing's, the only references to "Tsarnaev" and "Chechnya" were related to the bombing. I looked to see what I could find. Everything prior to that day on "Tsarnaev" and "Chechnya" turned up nothing.
I should correct myself here: that may not mean there was nothing .....
And so it is.
So could it be Chechnya. I don’t know. I haven’t followed the trends in Russian hacking. My feeling, only a feeling and it could be wrong, about these hackers, is that if they are radical Muslims, they are young ones. Radical Islam screws up one’s brain eventually with all its demonic spiritual crap.
You're making a hell of an assumption: no one said that the servers that were breached were Microsoft.
The only details of the breach that have been released thus far have been that the Point of Sale systems that Target used involved using customized (in-house) developed software running on top of Windows XP Embedded POS.
Now if you're saying "don't shop anywhere where Windows XP Embedded POS / OS is used" .... good luck with that. It's (unfortunately) one of the most popular platforms for POS systems.
A better position to take might be this: If you're out shopping and want to remain completely safe from credit card information theft ... pay cash!
Best carry a gun with you too while carrying that cash ..