A security company that worked with the U.S. Secret Service to investigate the data breach at Target identified the malware used in the attack as a sophisticated derivative of a previously known Trojan program designed to steal data from Point-of-Sale (POS) systems.
In a report released late last week, iSight Partners identified the tool as Trojan.POSRAM, which it described as software that can find, store, and transmit credit card and PIN numbers from POS systems.
The Trojan is being used in a "persistent, wide ranging, and sophisticated" cyber campaign dubbed KAPTOXA targeting "many operators" of POS systems, the company warned. Some affected companies may not yet know they've been compromised or have already lost data, the iSight report noted. It did not mention Target as the company that was investigated.
Tiffany Jones, the author of the report, described the POSRAM Trojan as a customized version of BlackPOS, a piece of malware that has been available in the cyber underground since at least last February.
To read this article in full or to leave a comment, please click here
ConversionConversion EmoticonEmoticon