IntelCrawler has identified the author of the malware that infected Target as a Russian teenager. According to the California-based security firm, this 17-year-old is also believed to have created the malware that infected Neiman Marcus.
The teenager is not believed to have launched the actual attacks. However, he sold more than 60 versions of the software to cybercriminals in Eastern Europe and other countries, IntelCrawler explained. “He is still visible for us, but the real bad actors responsible for the past attacks on retailers such as Target and Neiman Marcus were just his customers,” said IntelCrawler president Dan Clements.
IntelCrawler said that the attackers who purchased the software hacked the retailers’ systems either by entering default passwords, or by trying various username/password combinations until they struck gold (a practice known as “brute force password hacking”). In an interview with Computerworld, Clements noted that many retailers never change default passwords on POS terminals, which is a common problem that has been observed by the PCI Security Standards Council.
Additionally, there do not appear to be many restrictions on who can access remote POS servers in numerous retailers, IntelCrawler CEO Andrew Komarov told The Washington Post. This type of easy access could allow hackers to reach back-office servers which contain pools of data from multiple stores.
Komarov first identified the software last year and reported it to Symantec and other security firms. IntelCrawler said it has identified attacks on at least six other US retailers, as well as attempted attacks on retailers in Australia and Canada.
A report by broking group Marsh examines the repercussions from the administration of the South Korean company, which filed for bankruptcy protection at the end of August.
Global research by C2FO suggests that smaller businesses are less concerned with the repercussions of Brexit and the upcoming US presidential election.
A squeeze on skilled talent means it now takes an average of seven weeks to fill open permanent roles in finance in the UK according to new research from financial services recruitment firm Robert Half.
Early-stage merger and acquisition deals in Asia-Pacific show nearly 10% year-on-year growth in recent months.