First Target was hacked, then Neiman Marcus – there might still be other retail giants with hacked systems which we don’t know about – and the retail giants’ IT security being compromised so badly is a big shock to the public, who trust these retailers with the credit card and other personal data, millions upon millions of times daily.
In an interview with CNVC, Target Chairman and CEO Greg Steinhafel said that the hack realted to malware which infected their POS network (Point of Sale) – Reuters reported that this type of malware is a RAM scraper, or memory parser – meaning it takes information from the memory of the POS terminal.
While Target declined to comment, this Reuters report is given credibility by the United States Computer Emergency Readiness Team (US-CERT) who on January 2nd issued an alert regarding this very technique in relation to POS Targeting.
This class of malware must first infect the POS network, gaining access to the terminals used to swipe cards themselves, then runs though the memory (RAM) of the device, looking for strings which match the known formats of magnetic card-strip data from credit cards.
This type of malware is not new – previous holiday shopping seasons have seen similar exploits using very similar malware – in 2012, a RAM scraper called Dexter created similar problems for retailers.
Questions remain – how was this RAM scraper introduced to the POS network? Why wasn’t it detected immediately? How long had it been in place before being discovered? Was it actually discovered before the criminals began selling stolen card data?
Inquiring minds would like to know…