Sign in with
Sign up | Sign in

Malware Was Used in December's Target Hack

By - Source: CNBC | B 12 comments

Malware including RAM scrapers were used in the Target attack.

At this time, Target has not disclosed how hackers managed to breach its network and scoop up the information of 70 million shoppers. However, according to a Reuters exclusive scoop, unnamed sources claim that the hackers used pieces of malware to do the dirty work, one of which was a RAM scraper.

A RAM scraper is memory-parsing software that allows cyber-crooks to grab encrypted data as it travels through live memory of a computer, where it appears in plain unencrypted text. Reuters reports that the technique has been around for years, but is getting more use as companies improve their security.

"Sunday (Dec. 15) was really day one," said Target Chairman and CEO Gregg Steinhafel regarding the amount of time it took Target to inform the public. "That was the day we confirmed we had an issue and so our number one priority was ... making our environment safe and secure. By six o'clock at night, our environment was safe and secure. We eliminated the malware in the access point, we were very confident that coming into Monday guests could come to Target and shop with confidence and no risk."

In speaking with CNBC, the Target CEO said day 2 was about initiating the investigation, day 3 was about getting Target prepared about the onslaught of customer communication, and day 4 was about alerting the public.

"We are in the middle of a criminal investigation as you can appreciate and we can only share so much. ... We are not going to rest until we understand what happened and how that happened," he said. "Clearly we are accountable and we are responsible—but we are going to come out at the end of this a better company and we are going to make significant changes."

Steinfhafel admitted that the full details are unknown, but what he could say was that malware was installed on the company's point of sale registers. Currently, the company is working with law enforcement to determine who installed the malware and when it was done. However, right now the biggest challenge for Target is convincing the American public that the company is even more secure than it was before, and it's safe to shop worry-free.

On Friday, Target confirmed that the private information of 70 million shoppers was acquired by the hackers. The information included names, mailing addresses, email addresses, and phone numbers. The company previously announced that the credit card numbers and encrypted PIN numbers of 40 million credit and debit cards were stolen.

Add your comment Display 12 Comments.
  • 5 Hide
    BluePhantom , January 13, 2014 4:25 PM
    Well i guess that attack was right on target...
  • 1 Hide
    lancelot123 , January 13, 2014 4:56 PM
    Quote:
    Well i guess that attack was right on target...
    YEEEEEAAAAAAAHH!!!
  • 2 Hide
    p05esto , January 13, 2014 6:51 PM
    No kidding, they really hit the bullyseye here with splitting arrow arruracy. I mean what did Target expect with such a big target on their back?
  • 1 Hide
    Blazer1985 , January 13, 2014 7:00 PM
    Can't stop laughing about the first two comments :-DDD
  • 0 Hide
    scottoOH , January 13, 2014 7:12 PM
    "However, right now the biggest challenge for Target is convincing the American public that the company is even more secure than it was before, and it's safe to shop worry-free."Ya, because all of our information has already been stolen!
  • 0 Hide
    ubercake , January 14, 2014 6:45 AM
    Makes me think twice about ever shopping at target again without using the green stuff.
  • -1 Hide
    Zachasaurs , January 14, 2014 7:38 AM
    this is strange about a week ago a 95 year old woman in my neighbor hood was visited by the nsa or something with their guns out about this. why would you do this to a 95 year old woman who just makes amazing chocolate truffles for all of her neighbors cmon nsa.
  • 0 Hide
    freggo , January 14, 2014 7:51 AM
    How about 1 day prison for each hacked account?That should be a fair penalty for the time wasted by each account holder.
  • 0 Hide
    dextermat , January 14, 2014 11:20 AM
    This is why I pay cash most of the time!!
  • 1 Hide
    hasten , January 14, 2014 12:01 PM
    Quote:
    this is strange about a week ago a 95 year old woman in my neighbor hood was visited by the nsa or something with their guns out about this. why would you do this to a 95 year old woman who just makes amazing chocolate truffles for all of her neighbors cmon nsa.
    Poor attempt at being "hip". NSA doesn't raid anyone...
  • 0 Hide
    Zachasaurs , January 15, 2014 1:20 PM
    Quote:
    Quote:
    this is strange about a week ago a 95 year old woman in my neighbor hood was visited by the nsa or something with their guns out about this. why would you do this to a 95 year old woman who just makes amazing chocolate truffles for all of her neighbors cmon nsa.
    Poor attempt at being "hip". NSA doesn't raid anyone...


    yah so unless she is secretly hiding dangerous people or is poisoning the whole neighborhood the nsa should go redo its priorities
  • 0 Hide
    hasten , January 15, 2014 4:55 PM
    Quote:
    Quote:
    Quote:
    this is strange about a week ago a 95 year old woman in my neighbor hood was visited by the nsa or something with their guns out about this. why would you do this to a 95 year old woman who just makes amazing chocolate truffles for all of her neighbors cmon nsa.
    Poor attempt at being "hip". NSA doesn't raid anyone...


    yah so unless she is secretly hiding dangerous people or is poisoning the whole neighborhood the nsa should go redo its priorities


    I know you are really trying hard to fit in trashing the NSA, but you realize that the NSA literally does not raid ANYONE. They do not perform that action. If a raid is happening it would likely be the FBI or Joint Terrorist Task Force working on their behalf. So therefore the NSA raided no one.
React To This Article