January 17, 2014
The malware that may have infected Target may also have affected a “large number” of other retail information systems, according to a report Thursday from security researchers and government officials.
A brief summary of the report, posted by the Dallas-based iSight partners security firm, said that a piece of malicious software known as KAPTOXA is targeting retailers’ point-of-sale systems. The company did not name specific retailers, but indicated that its investigation began on Dec. 18, the day before Target first announced that a breach had affected as many as 40 million customers. The company later broadened its estimate to say that the attack may have compromised the information of up to 110 million customers.
The report indicates that the malware is designed to “hook” into payment application programs to spy on the information they store in certain parts of the systems’ memory. When payments are authorized, that information must be decrypted, and the malware is able to identify and take that information.