Security Firm: Evidence Points to Breaches at More Retailers

Jan. 20, 2014

Evidence Points to Breaches at More Retailers A Los Angeles-based cybersecurity firm said Friday it has uncovered malware attacks on the systems of six additional U.S. retailers using the same methods employed against mega-retailer Target in December. InterCrawler CEO Andrew Komarov told Reuters his firm has turned over evidence of the breaches to law enforcement, the card networks and issuing banks, but has not identified the affected firms publicly.

InterCrawler said the malware that infected Target’s systems and potentially others, which has come to be known as BlackPOS, was developed by a Russian teenager known as Ree4. According to postings in underground forums monitored by InterCrawler, Ree4 has made the malicious code available to criminals who have used it to infect systems in Australia, Canada and now the U.S.

On its Website, InterCrawler published exchanges between Ree4 and prospective customers and other selected pieces of evidence showing that BlackPOS intrusions may have taken place at other retailers.

“Most of the victims are department stores,” said Komarov. “More BlackPOS infections, as well as new breaches can appear very soon, retailers and security community should be prepared for them.”