Free Republic

17 year old fingered as author of malware used in Target attack
American Thinker ^

Posted on 01/18/2014 9:03:36 AM PST by Sub-Driver

January 18, 2014
17 year old fingered as author of malware used in Target attack
Rick Moran

A 17 year old Russian hacker who goes by the online handle of "ree4" has been identified as the author of the malware that was used to attack Target and Neiman Marcus.

The teenager, Sergey Taraspov, is well known in cyber crime circles having developed other malicious codes to hack commercial systems. He apparently sold about 40 copies of his program to criminals who then modified it slightly and used it to sweep up at least 80 million debit and credit card numbers from Target alone.

Now the firm that first revealed the Target attack is saying that 6 other companies suffered a similar fate.

PC World:

Clements said IntelCrawler is "90 percent" sure of its finding, based on the forum postings and sources it communicated with.

The forum posts indicate the teenager sold the malware for $2000 or for a share of the profits that came from monetizing stolen payment card details, Clements said.

BlackPOS was also sold to "carding" websites such as .rescator, Track2.name and Privateservices.biz that trade in stolen card details, according to IntelCrawler.

BlackPOS was originally called Kaptoxa, which is Russian slang for potato. Clements said the Russian teenager eventually renamed the malware BlackPOS during a fresh marketing push.

Dallas-based security company iSight Partners wrote in a report earlier this week on the Target hack, which it called the "Kaptoxa operation." It says the hackers used a high level of skill to gain stealthy access to the retailer's network.

International Business Times is reporting that the 6 other companies targeted in the hack have not informed their customers yet:

(Excerpt) Read more at americanthinker.com ...


TOPICS: Crime/Corruption; Foreign Affairs; News/Current Events
KEYWORDS: blackpos; kaptoxa; potato; ree4; taraspov; target; targetmalware

1 posted on 01/18/2014 9:03:36 AM PST by Sub-Driver
[ Post Reply | Private Reply | View Replies]

To: Sub-Driver

Sounds like some computer security company needs to hire this kid...fast.


2 posted on 01/18/2014 9:06:21 AM PST by bigbob (The best way to get a bad law repealed is to enforce it strictly. Abraham Lincoln)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Sub-Driver

Burn him on a bonfire of credit cards!

OK, let’s get serious. Why do private hackers seem to have more of a clue than our spies and our crime investigators and crime prevention counselors. Maybe because the reward structure is more straight forward, if unethical.


3 posted on 01/18/2014 9:06:28 AM PST by HiTech RedNeck (The Lion of Judah will roar for you if you give him a big hug and a cheer and mean it. See my page.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Sub-Driver
Strange ... I've been hearing about all this hacking for a month or more ... but no reports of anyone actually getting robbed.

Am I in a daze or what ?

4 posted on 01/18/2014 9:06:38 AM PST by knarf (I say things that are true .. I have no proof .. but they're true.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: bigbob

That’s what I thought too... he should give back, rather than stealing.


5 posted on 01/18/2014 9:07:43 AM PST by HiTech RedNeck (The Lion of Judah will roar for you if you give him a big hug and a cheer and mean it. See my page.)
[ Post Reply | Private Reply | To 2 | View Replies]

To: HiTech RedNeck

... and they’re all kids ... ain’t even STARTED life yet !


6 posted on 01/18/2014 9:07:46 AM PST by knarf (I say things that are true .. I have no proof .. but they're true.)
[ Post Reply | Private Reply | To 3 | View Replies]

To: Sub-Driver

Looks like he has a big future with some software outfit designing protection software to keep hackers and malware attacks out.


7 posted on 01/18/2014 9:07:48 AM PST by rktman (Under my plan(scheme), the price of EVERYTHING will necessarily skyrocket! Period.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: knarf

Maybe your friends aren’t Target shoppers, or did not shop Targets that were affected by the crimes? I don’t know a lot about the Target crimes.

All I can say is wow these hackers know a lot, if using the knowledge for evil reasons.

Someone like Kaspersky should hire him (to be sure, with folks looking over his work discreetly to be sure he does stay honest).


8 posted on 01/18/2014 9:10:26 AM PST by HiTech RedNeck (The Lion of Judah will roar for you if you give him a big hug and a cheer and mean it. See my page.)
[ Post Reply | Private Reply | To 4 | View Replies]

To: Sub-Driver
He'll probably end up like this guy.


9 posted on 01/18/2014 9:11:14 AM PST by McGruff (I stand with Phil.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: rktman

What would really be great is if MICROSOFT would hire him, and take some of his advice.


10 posted on 01/18/2014 9:11:52 AM PST by HiTech RedNeck (The Lion of Judah will roar for you if you give him a big hug and a cheer and mean it. See my page.)
[ Post Reply | Private Reply | To 7 | View Replies]

To: HiTech RedNeck
Do YOU know of accounts hacked ?

All I'm saying is ... (because I don't subscribe to sat or cable), the three channels I DO get, when I feel like listening, has only reported how many of millions were, and possibly more than, hacked .... and how terrible ... and now we go to Jonnelline for suggestions to protect yourself ... Jonelline ?

11 posted on 01/18/2014 9:15:22 AM PST by knarf (I say things that are true .. I have no proof .. but they're true.)
[ Post Reply | Private Reply | To 8 | View Replies]

To: knarf

we were victims of this… fraudulent charges made to our card…alerted by company and needed to get new cards...


12 posted on 01/18/2014 9:18:56 AM PST by longfellowsmuse (last of the living nomads)
[ Post Reply | Private Reply | To 4 | View Replies]

To: knarf

I think the card companies are now pretty savvy at disabling cards quickly. Obviously they had a complete list of compromised accounts.


13 posted on 01/18/2014 9:18:56 AM PST by ImJustAnotherOkie (zerogottago)
[ Post Reply | Private Reply | To 4 | View Replies]

To: Sub-Driver

Whack ‘em. Find ‘em and whack ‘em.


14 posted on 01/18/2014 9:20:06 AM PST by NormsRevenge (Semper Fi)
[ Post Reply | Private Reply | To 1 | View Replies]

To: HiTech RedNeck

Someone like Kaspersky should hire him

who says they haven’t already hired him to do just this kind of stuff?

Business is business in Russshia..


15 posted on 01/18/2014 9:21:25 AM PST by NormsRevenge (Semper Fi)
[ Post Reply | Private Reply | To 8 | View Replies]

To: Sub-Driver
Won't need such sophisticated malware to crack commiecare, sign up and get hosed
16 posted on 01/18/2014 9:22:45 AM PST by ronnie raygun
[ Post Reply | Private Reply | To 1 | View Replies]

To: Sub-Driver

They’ll like his sweet little back side in prison.


17 posted on 01/18/2014 9:24:26 AM PST by SandRat (Duty - Honor - Country! What else needs said?)
[ Post Reply | Private Reply | To 1 | View Replies]

To: NormsRevenge

That would be sad, but not impossible.

But drumming up more virus business is kind of like bringing more snow to Alaska.


18 posted on 01/18/2014 9:24:46 AM PST by HiTech RedNeck (The Lion of Judah will roar for you if you give him a big hug and a cheer and mean it. See my page.)
[ Post Reply | Private Reply | To 15 | View Replies]

To: knarf
For the way it was used at Target, it appears the information stolen was all Triple-DES encrypted. This includes both the PIN numbers and the credit card information.

If true, there may never be a compromised card, but frequency analysis might eventually let the attackers do something.

Triple-DES is considered unbreakable today.

19 posted on 01/18/2014 9:25:19 AM PST by ConservativeMind ("Humane" = "Don't pen up pets or eat meat, but allow infanticide, abortion, and euthanasia.")
[ Post Reply | Private Reply | To 4 | View Replies]

To: SandRat

They’ll force him to show them how to hack the prison commissary!


20 posted on 01/18/2014 9:25:20 AM PST by HiTech RedNeck (The Lion of Judah will roar for you if you give him a big hug and a cheer and mean it. See my page.)
[ Post Reply | Private Reply | To 17 | View Replies]

To: ConservativeMind

That’s something I hadn’t heard, but it sure does look like “theft of useless data” if so. Target was doing exactly what it ought to have done, and deserves kudos in this case.

The new breed of quantum computer may eventually get to the place where it can take on daunting encryption problems, but it’s got a way to go.


21 posted on 01/18/2014 9:27:17 AM PST by HiTech RedNeck (The Lion of Judah will roar for you if you give him a big hug and a cheer and mean it. See my page.)
[ Post Reply | Private Reply | To 19 | View Replies]

To: Sub-Driver
Sure, it was a teen and conveniently a Russian kid. Acting all on his own, uh huh. Selling the program online so everyone knew about it. I'm calling a huge steaming pile on this.

We still haven't heard who the other 3 “mall type” stores that were also hacked.

22 posted on 01/18/2014 9:29:05 AM PST by bgill
[ Post Reply | Private Reply | To 1 | View Replies]

To: HiTech RedNeck
Maybe because the reward structure is more straight forward, if unethical.


23 posted on 01/18/2014 9:29:11 AM PST by Fido969 (What's sad is most)
[ Post Reply | Private Reply | To 3 | View Replies]

To: knarf
I need to correct part of that reply.

The PINs for all debit card transactions are Triple-DES encrypted, NOT the rest.

24 posted on 01/18/2014 9:29:35 AM PST by ConservativeMind ("Humane" = "Don't pen up pets or eat meat, but allow infanticide, abortion, and euthanasia.")
[ Post Reply | Private Reply | To 4 | View Replies]

To: HiTech RedNeck

My bad. The PINs of all debit cards were Triple-DES encrypted, not the rest.


25 posted on 01/18/2014 9:30:33 AM PST by ConservativeMind ("Humane" = "Don't pen up pets or eat meat, but allow infanticide, abortion, and euthanasia.")
[ Post Reply | Private Reply | To 21 | View Replies]

To: ConservativeMind

Well that’s a different kettle of fish. Someone could forge a charge with just the card number.

And since PINs are 4 digits long, a random run would be able to ding 1 in every 10,000 cards.


26 posted on 01/18/2014 9:31:51 AM PST by HiTech RedNeck (The Lion of Judah will roar for you if you give him a big hug and a cheer and mean it. See my page.)
[ Post Reply | Private Reply | To 24 | View Replies]

To: Sub-Driver

"Look Sergei, we're not asking you to spy. We're asking you to steal."

27 posted on 01/18/2014 9:32:01 AM PST by Steely Tom (If the Constitution can be a living document, I guess a corporation can be a person.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Sub-Driver
The teenager, Sergey Taraspov, is well known in cyber crime circles having developed other malicious codes to hack commercial systems.

I'm willing to bet that some research will turn up he's either from, or has family in the Chechen region and ties to a muslim radical group.

Anyone want to take that bet?

28 posted on 01/18/2014 9:32:34 AM PST by usconservative (When The Ballot Box No Longer Counts, The Ammunition Box Does. (What's In Your Ammo Box?))
[ Post Reply | Private Reply | To 1 | View Replies]

To: Sub-Driver
Now the firm that first revealed the Target attack is saying that 6 other companies suffered a similar fate.
That was announced a week ago but we still don't know who the other six are - why not?
29 posted on 01/18/2014 9:33:58 AM PST by oh8eleven (RVN '67-'68)
[ Post Reply | Private Reply | To 1 | View Replies]

To: HiTech RedNeck; usconservative

You may be interested in this post on another thread: http://www.freerepublic.com/focus/f-news/3112981/posts?page=55#55

The poster, Freeper USC explains in more detail what happened at Target. Microsoft isn’t the company that needs the security lesson.


30 posted on 01/18/2014 9:34:25 AM PST by Balding_Eagle (Over production, one of the top 5 worries for the American Farmer every year.)
[ Post Reply | Private Reply | To 10 | View Replies]

To: usconservative

That name sounds about as authentically Roosky as Jones is authentically British/American. A Google for Taraspov and Chechnya turned up NO hits. (A guy named Tarasov is an advisor to the [Russian] prime minister of Chechnya.)


31 posted on 01/18/2014 9:36:08 AM PST by HiTech RedNeck (The Lion of Judah will roar for you if you give him a big hug and a cheer and mean it. See my page.)
[ Post Reply | Private Reply | To 28 | View Replies]

To: Sub-Driver

I wish the penalty for these types of crimes were as severe as 2nd degree murder. (If I were king, I would make it a capital offense)


32 posted on 01/18/2014 9:36:49 AM PST by Go Gordon (Barack McGreevey Obama)
[ Post Reply | Private Reply | To 1 | View Replies]

To: longfellowsmuse
My bank froze my card once, only because I so infrequently USE it, because someone in Italy had tried, at an ATM, to access $536 on my $565 balance.

The bank obviously (they DID tell me they had never seen that destination before and thus tried to alert me) knows my activities and because I did not respond to an alert within 24 hours, they refused the pymt and froze my card

A pain in the ass, but at a time when I was paying a bill, that was MOST appreciated.

IF then, the hackers know they can't actually USE the numbers ... I can only guess they're schooling themselves for (I hope .. ) that big, take out the government (IMF?, FedRes? ..) hustle that saves real, little people and crushes the enemy, rogue government.

I'll probably (I hope) be dead by the time it all comes to a head.

If not ...

popcorn's on

33 posted on 01/18/2014 9:37:08 AM PST by knarf (I say things that are true .. I have no proof .. but they're true.)
[ Post Reply | Private Reply | To 12 | View Replies]

To: Balding_Eagle

It would help if Microsoft were more up on this.

They probably want to sell a more advanced version of embedded Windows rather than advising current license holders. But being too pinchy about the pennies hurts their reputation.

GNU/Linux would have been a harder target.


34 posted on 01/18/2014 9:38:18 AM PST by HiTech RedNeck (The Lion of Judah will roar for you if you give him a big hug and a cheer and mean it. See my page.)
[ Post Reply | Private Reply | To 30 | View Replies]

To: usconservative

Good thought ... ain’t takin’


35 posted on 01/18/2014 9:39:15 AM PST by knarf (I say things that are true .. I have no proof .. but they're true.)
[ Post Reply | Private Reply | To 28 | View Replies]

To: bgill

I think this is bs also. Had heard that this was an inside job and that is probably true at some level. I wonder how much the credit rating companies profit off of this when millions are compromised. I had to pay up last year when someone used a card of mine at a sears and I found out about it like a year later. I had to spend around 70 or 80 dollars at the big 3 credit rating companies. I can only imagine they love this kind of thing. I would wonder at the long term agenda as the public is made to believe more security is needed and oversight from government is needed to keep us safe from reckless 17 year olds and identity thieves.


36 posted on 01/18/2014 9:40:49 AM PST by Sheapdog (Chew the meat, spit out the bones - FUBO - Come and get me)
[ Post Reply | Private Reply | To 22 | View Replies]

To: Sub-Driver

I guess we can thank the NSA for keeping us secure.


37 posted on 01/18/2014 9:42:15 AM PST by School of Rational Thought
[ Post Reply | Private Reply | To 1 | View Replies]

To: Sub-Driver

Has anyone suggested he be hired by obamacare yet? Posting before I look and count how many!


38 posted on 01/18/2014 9:45:46 AM PST by hoosiermama (Obama: "Born in Kenya" Lying now or then or now)
[ Post Reply | Private Reply | To 1 | View Replies]

To: HiTech RedNeck
A Google for Taraspov and Chechnya turned up NO hits.

Until the Tsarnaev brothers bombed the Boston Marathon, there were no google hits for that name in Chechnya either.

Not so sure I'd want to take the bet based on a google search.

Google knows a lot, it doesn't know everything.

39 posted on 01/18/2014 9:48:27 AM PST by usconservative (When The Ballot Box No Longer Counts, The Ammunition Box Does. (What's In Your Ammo Box?))
[ Post Reply | Private Reply | To 31 | View Replies]

To: School of Rational Thought
I guess we can thank the NSA for keeping us secure.

BAZINGA!! Post of the day. WTG NSA! You missed another one scooping up all our emails, texts and phone calls .... chuckleheads!

40 posted on 01/18/2014 9:49:34 AM PST by usconservative (When The Ballot Box No Longer Counts, The Ammunition Box Does. (What's In Your Ammo Box?))
[ Post Reply | Private Reply | To 37 | View Replies]

To: HiTech RedNeck

I’m sorry you didn’t have time to read USC post.


41 posted on 01/18/2014 9:51:57 AM PST by Balding_Eagle (Over production, one of the top 5 worries for the American Farmer every year.)
[ Post Reply | Private Reply | To 34 | View Replies]

To: usconservative

Just a first stab, and as you say there are counter examples. (If it IS a counter example... I’m curious who did that retrospective Google for Tsarnaev... does Google have Wayback capability? Don’t want to just be tooting our horn in vain.)


42 posted on 01/18/2014 9:52:09 AM PST by HiTech RedNeck (The Lion of Judah will roar for you if you give him a big hug and a cheer and mean it. See my page.)
[ Post Reply | Private Reply | To 39 | View Replies]

To: Balding_Eagle

Unfortunately I *did* read it. And that’s my reaction. Old Windows, not updated. And so?? If Microsoft wants to keep a reputation it won’t just sit on its hands.


43 posted on 01/18/2014 9:53:18 AM PST by HiTech RedNeck (The Lion of Judah will roar for you if you give him a big hug and a cheer and mean it. See my page.)
[ Post Reply | Private Reply | To 41 | View Replies]

To: HiTech RedNeck
What would really be great is if MICROSOFT would hire him, and take some of his advice.

Or never shop with any company that
uses Internal facing microsoft servers.

44 posted on 01/18/2014 9:54:15 AM PST by Uri’el-2012 (Psalm 119:174 I long for Your salvation, YHvH, Your teaching is my delight.)
[ Post Reply | Private Reply | To 10 | View Replies]

To: Uri’el-2012

As if.

Everyone has room to raise their ethics quotient here.


45 posted on 01/18/2014 9:55:17 AM PST by HiTech RedNeck (The Lion of Judah will roar for you if you give him a big hug and a cheer and mean it. See my page.)
[ Post Reply | Private Reply | To 44 | View Replies]

To: Sub-Driver

holy cow!!!


46 posted on 01/18/2014 9:56:20 AM PST by dennisw (The first principle is to find out who you are then you can achieve anything -- Buddhist monk)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Sub-Driver

Wasn’t it recently that Kerry was gifting potatoes to Russian diplomats? It seemed odd at the time, not so much now.


47 posted on 01/18/2014 9:57:01 AM PST by hmmmmm
[ Post Reply | Private Reply | To 1 | View Replies]

To: HiTech RedNeck
Can't speak to any "wayback" capability -- I'm sure someone on here knows how to search Google's cache better than I.

I can only speak to the days following the Boston Bombings, the only references to "Tsarnaev" and "Chechnya" were related to the bombing. I looked to see what I could find. Everything prior to that day on "Tsarnaev" and "Chechnya" turned up nothing.

I should correct myself here: that may not mean there was nothing .....

48 posted on 01/18/2014 9:59:01 AM PST by usconservative (When The Ballot Box No Longer Counts, The Ammunition Box Does. (What's In Your Ammo Box?))
[ Post Reply | Private Reply | To 42 | View Replies]

To: usconservative

And so it is.

So could it be Chechnya. I don’t know. I haven’t followed the trends in Russian hacking. My feeling, only a feeling and it could be wrong, about these hackers, is that if they are radical Muslims, they are young ones. Radical Islam screws up one’s brain eventually with all its demonic spiritual crap.


49 posted on 01/18/2014 10:03:23 AM PST by HiTech RedNeck (The Lion of Judah will roar for you if you give him a big hug and a cheer and mean it. See my page.)
[ Post Reply | Private Reply | To 48 | View Replies]

To: Uri’el-2012
Or never shop with any company that uses Internal facing microsoft servers.

You're making a hell of an assumption: no one said that the servers that were breached were Microsoft.

The only details of the breach that have been released thus far have been that the Point of Sale systems that Target used involved using customized (in-house) developed software running on top of Windows XP Embedded POS.

Now if you're saying "don't shop anywhere where Windows XP Embedded POS / OS is used" .... good luck with that. It's (unfortunately) one of the most popular platforms for POS systems.

A better position to take might be this: If you're out shopping and want to remain completely safe from credit card information theft ... pay cash!

Best carry a gun with you too while carrying that cash ..

50 posted on 01/18/2014 10:03:30 AM PST by usconservative (When The Ballot Box No Longer Counts, The Ammunition Box Does. (What's In Your Ammo Box?))
[ Post Reply | Private Reply | To 44 | View Replies]

