Homeland Security warns retailers about malware that hit Target


The U.S. Department of Homeland Security has gotten involved in investigating the massive data breach at Target.

CNN reports information about the malware used to hijack customer information was detailed in a government report and distributed to the nation's major retailers. The government alerted retailers the aggressive software that led to the compromise of data at Target has likely infected other companies.

The Star Tribune reports that federal authorities issued the technical bulletin that contains descriptions of the malware that hackers used to attack Target. The report says the Secret Service and the cybersecurity arm of the Department of Homeland Security began working together on the issue as early as Dec. 18, the first day that news surfaced about the data breach.

The report said multiple retailers are still being attacked and calls this malware variant "the most dangerous ever used." The malicious file infects point-of-sale devices – cash registers – and extracts customer data processed on them. Then the data is transmitted, according to Tiffany Jones, senior vice president at iSIGHT Partners, the private firm working on the investigation. In its report, iSIGHT Partners said the hackers "displayed innovation and a high degree of skill in orchestrating the various components of the activity." Here's a summary of that report.

Last week Target updated the number of customers who had their personal information compromised to 70 million. The number was later updated to as many as 110 million. Payment data was compromised for customers who shopped between Nov. 27 and Dec. 1.

The malware variant has been dubbed Trojan.POSRAM and was derived from another type of malware known as BlackPOS, the report said. Authorities have dubbed the point-of-sale operation KAPTOXA.

Brian Krebs, the computer security blogger who first revealed the Target breach, told the Star Tribune on Thursday he thinks a hacker he profiled in December is at the center of the Target heist. The man is a Ukrainian nicknamed Rescator.

FOX 9 reported that Krebs suspects the cyber crooks broke into Target through a Web server, then planted the malicious software server to snag stolen card data. The information was collected directly from magnetic strips before it could be encrypted, but, as the station notes, "...the wildest part is that it was sent to a server inside Target just six days later. That internal server uploaded 11 gigabytes of data over two weeks."

No antivirus product available on the market is able to detect the malware used in the attack, according to Krebs.

Target officials will discuss the problems at a U.S. House hearing in the first week of February before a subcommittee of the House Committee on Energy and Commerce.

Next Up

Taylor Rogers

Why Twins fans shouldn't give up on Taylor Rogers

The Twins closer struggled in 2020 but could rebound next season.

Co. Rd. 2 crash, Wakefield Twp.

Teen driver leaves road, crashes into three trees

Fortunately, the 16-year-old was not injured.

animal crossing mndot

Minnesota is getting its first highway crossing for animals

This will provide a safe way for animals to cross the street, and hopefully limit deer-vehicle collisions.

Screen Shot 2020-12-04 at 11.00.30 AM

Money Gal Coaching: Habits of a millionaire, just in time for the holidays?

Kelly Blodgett started Money Gal Coaching after paying down nearly $50K in debt in 18 months.

Mayo Belle Plaine

Mayo temporarily closes 5 clinics in southern MN amid COVID surge

The Mayo is reallocating staff to other sites as it deals with the COVID outbreak.

soda pop

MDH finds 'troubling' trend in how many sugary drinks students are consuming

Nearly half of students have a sugary drink a day. Health officials recommend limiting it to one per week or fewer.

Rent, mortgage, house, key, door

Minnesotans have till Dec. 7 to apply for housing assistance

Gov. Tim Walz and Lt. Gov. Penny Flanagan issued a press release urging Minnesotans behind on bills to apply


Dec. 4 COVID-19 update: 61 deaths, hospitalizations drop day-over-day

The update includes new data on cases, deaths, positivity rates and hospitalizations.

Kevin Nokels

Mystery over Duluth hospital CEO's sudden departure

Kevin Nokels stepped down this week, after less than 18 months in the role.

lola missing dog

1 dog still missing after woman's vehicle was stolen in Minneapolis

The woman was dropping her daughter off at daycare when someone stole her car with her two dogs inside.

Zachary Robinson

St. Paul man pleads guilty to murder of woman pregnant with his child

The 27-year-old will spend the next five decades in prison.

fire, firefighter

Fire at southern Minnesota farm kills 2,000 pigs

The fire started around 8 a.m. Thursday.