By Daily Mail Reporter 14:07 BST 18 Jan 2014, updated 19:33 BST 19 Jan 2014
A baby-faced teenager is the key suspect behind the software that was used in the massive security breach at Target over the holidays.
As many as 110 million Target shoppers had their credit card details stolen after a computer program was written to collect the credit card details of shoppers.
The data theft, unprecedented in its scale, took place over a 19-day period that began the day before Thanksgiving. Target said that it identified and resolved the issue on December 15.HOW DID HACKERS STEAL THE CREDIT CARD DETAILS?
Hackers are thought to have stolen the credit card details by breaking in to Target's computer systems and installing data mining software on credit card machines.
The software installed on 40,000 machines across Target's 1,797 stores read the information on a card's magnetic strip -including account number, sort code and CCV code - when it was swiped through the machine.
All the card details were then sent back to the hackers through the internet, before the theft was discovered after nearly three weeks.
It is thought hackers obtained the data by remotely installing software on 40,000 credit card machines in nearly all of Target's 1,797 stores nationwide.
It's also thought the malicious software, or malware, has infected the payment systems of six other retailers too.
The firm, IntelCrawler, which has tracked the malware’s architect for months, believes the main suspect to be a 17-year-old Russian.Related Articles
He’s a 17-year-old with 'roots' in St.Petersburg, Russia, according to the report and conversations with executives from IntelCrawler.
IntelCrawler CEO Andrew Komarov didn’t accuse the young man of the Target heist but said he believes he developed the software used to skim credit card numbers and other personal data from millions of Target shoppers.
The malware, known as BlackPOS, has been downloaded at least 60 times since it was created, Komarov said.
IntelCrawler has alerted US authorities and Visa of the fresh attack targets, Komarov said. The firm began detecting large-scale cyber attacks on point-of-sale terminals across the U.S., Canada and Australia in early 2013. The company is not aware of any non-U.S. retailers now being attacked with BlackPOS software, Komarov said.
The CEO began investigating the malware case in March at the request of banking clients and pretended to be a 'bad actor' seeking to acquire the BlackPOS software.
The architect was selling the malware for $2,000 a time, but offered discounts to buyers who agreed to split the profits they reaped from the product.
After Target revealed that its massive security breach was due to BlackPOS, Komarov went back to track down the architect’s ID.
The Target attack has potentially compromised 40 million card accounts with some 70 million shoppers’ email and other personal information also stolen from a separate system during the security breach.
Target has advised its customers to check their statements carefully. Those who see suspicious charges on the cards should report it to their credit card companies and call Target at 866-852-8680.
© Sports Betting 2018