As we reported back on December 19, the giant retail department store chain Target was the victim of a massive cyber attack that ended with tens of millions of customers' credit card information being stolen, with some estimates now as high as 110,000,000. As the investigation into this massive attack moves forward, more and more details are becoming available. In the latest news, available from NBC, this attack seems to be the largest in history for cyber crimes like this one. It appears that the perpetrators executed this attack by implanting malware that is easily available on certain websites that hackers often visit.
According to the most recent reports, the criminals were able to somehow gain online access to the Target web server. According to the source, the web server was protected by an outdated operating system with outdated security and virus protection. But it may not have mattered anyway, as it appears that the hackers took the standard POS “attack malware” and modified it specifically so that it would not be detected when it was put in place. Once the malware was on the web server, these masterminds were then able to move along and gain access throughout the company’s internal network and ultimately deposit the malware directly into the POS (point of sale) terminals. This was supposedly completed by December 111, and then the criminals had to do nothing but sit back and wait. Transaction after transaction was taking place in the Target stores, and the embedded software was doing the dirty work of collecting all the information about every customer who made a purchase with a credit or debit card. Swipe after swipe, the collected records just piled up and up, and what was already bad enough (but still invisible) was about to get much worse as Black Friday and the holiday rush of shoppers was about to start.
Once the security breach and credit card information theft was discovered and stopped, the early estimates stated that “maybe” 1,000,000 credit card credentials had been compromised, but this was quickly updated and the estimate was 40,000,000. As of January 20, the new estimate is up to 110,000,000, and even this may grow yet. To date there are no estimates or reports stating how many of the stolen credentials have been used or how much was charged against them.
The investigation is continuing, and there is a strong indication that the cyber crime may have been planned and initiated by a leader who was tracked down on VKontakte, Russia’s largest social network. This, along with other information acquired, is leading investigators to the conclusion that the effort was played out by a group with ties to Russia and the Ukraine.
In a separate report from the LA Times, an investigation has been launched regarding 2 Mexican nationals who were arrested as they tried to cross over from Mexico into the United States. In their possession were scores of fraudulent credit cards. What led to their arrest was that during the preceding weeks, stores in the area were being hit with the use of other fraudulent credit cards. Police examined video from the specific transactions and were able to link them to a specific vehicle that had gone through the border crossing. An alert was issued, and this past weekend, when the same vehicle again tried to enter the United States, the arrests were made and the search that discovered the credit cards took place. They are currently being held in jail as the investigation moves forward, but there is strong speculation that the cards confiscated do indeed come from the Target cyber attack.