The security breach that impacted 70 million Target customers last month may have been caused by malware created by a 17-year-old Russian hacker. While the suspected teenager wasn't actually responsible for perpetrating the attacks, he did reportedly write the software, known as BlackPOS, that was used after being purchased by the eventual attackers. The news comes courtesy of "multi-tier intelligence aggregator" IntelCrawler, which reports that the malware used during the Target breach "may have" also been a part of a similar attack on retailer Neiman Marcus.
"Most of the victims are department stores."
"Most of the victims are department stores," says IntelCrawler CEO Andrew Komarov. "More BlackPOS infections, as well as new breaches can appear very soon, retailers and security community should be prepared for them." According to the company, the very first sample of the malware was created last March, and the first infected point-of-sales systems were in the United States, Australia, and Canada. In the wake of the massive Target attack, this week the US government sent a document to major retailers outlining just how the retailer's point-of-sale systems were breached, noting that the malware was written partly in Russian by someone with "a high degree of skill."