Russian Teenager is the Author of the Malware which was used in Attacks against US Retailers

THE WASHINGTON POST reported on 18th January, 2014 quoting security firm Intelcrawler as saying "we have identified a Russian teenager responsible for the malware apparently used in the cyberattacks against US retailers Target and Neiman Marcus."

The inventor is Sergey Taraspov, 17 year old Russian, who is known as "ree(4)" in cybercriminal scene.

In fact, he first invented the malware which was initially named Kaptoxa and later rebranded as BlackPOS in March 2013 and in the beginning the threat was used to infect point-of-sale (POS) systems in the US, Canada and Australia.

The author of the malware apparently sold more than 40 builds of his creation to cybercriminals in Eastern Europe and other countries for approximately $2,000 (1,500 Pound) and he made half of the profit by selling stolen data of payment cards.

BlackPOS was sold to owners of many underground websites which specialize in payment cards like Privateservices.biz, .rescator and Track2.name.

Ree(4) is also the creator of brute force attack and other malicious tools and made money by providing DDOS training of attack and from hacking of social media account.

The firm (referring to IntelCrawler) posted online photo of Sergey Taraspov. He reportedly had a reputation of "very well known" programmer in underground marketplaces for malicious code and according to the firm; the teenager did not perpetrate the attacks.

IntelCrawler.com published a statement on 17th January, 2014 quoting a comment by Dan Clements, President of IntelCrawler, on Sergey Taraspov as saying "he is still visible to us but the customers of retailers like Target and Neiman Marcus are responsible for the past attacks."

Scmp.com published a statement on 19th January, 2014 quoting Andrew Komarov, Chief Executive of IntelCrawler, as saying "the attackers bought the software and entered into the systems of retailers to access the registers remotely with easy passwords."

Komarov said that retailers apparently using quite easy passwords on most remote-access servers and there were not much restrictions on the access to servers of the remote point-of-sale in many companies enabling hackers to gain access to servers at back-office.

» SPAMfighter News - 1/31/2014