Cybercrime firm says it uncovers 6 active attacks on US merchants

ReutersJanuary 18, 2014 

BOSTON — A cybercrime firm says it has uncovered at least six ongoing attacks at U.S. merchants whose credit card processing systems are infected with the same type of malicious software used to steal data from Target Corp.

Andrew Komarov, chief executive of the cybersecurity firm IntelCrawler, told Reuters that his company has alerted law enforcement, Visa Inc. and intelligence teams at several large banks about the findings. He said payment card data was stolen in the attacks, though he didn’t know how much.

IntelCrawler’s findings are the latest sign that the cyberattacks disclosed by Target Inc. and upscale department store Neiman Marcus are part of a wider assault on U.S. retailer customer data security.

On Thursday, the U.S. government and the private security intelligence firm iSIGHT Partners warned merchants and financial services firms that the BlackPOS software used against No. 3 U.S. retailer Target had been used in a string of other breaches at retailers — but did not say how many.

Credit card companies, banks and retailers say that victims of any fraud resulting from the theft of their payment card data bear “zero liability” and will be credited for fraudulent purchases made on their accounts.

“Our rules say five days, but most consumers get (their money) back within 24 hours,” Visa spokeswoman Rosetta Jones said. Yet consumer advocates said that any debit card fraud could result in money being drained from a bank, mutual fund or other cash account at a time when those funds were really needed.

Data breaches also can be costly for the retailers and credit card firms affected, along with the companies that process the payments.

LATEST ATTACKS

Komarov, an expert on cybercrime who has helped law enforcement investigate previous attacks, told Reuters on Friday that retailers in California and New York were among those compromised by BlackPOS. Reuters was unable to confirm their names.

Komarov said he has not directly contacted those merchants. Security experts typically report cybercrimes through law enforcement rather than going directly to victims because the process can be time-consuming and victims are often suspicious when they first learn of attacks.

BlackPOS was developed by a hacker whose nickname is “Ree4” and who is now about 17 years old and living in St. Petersburg, Russia, according to Los Angeles-based IntelCrawler.

The teenager sold the malicious software to cybercriminals who then launched attacks on merchants, said Komarov, who has been monitoring Ree4’s activities since March.

Meanwhile, an email sent to the roughly 70 million Target customers who may have been affected by a pre-Christmas data breach is causing panic among those who fear it could be an attempt to victimize them again.

Target says the email, which offers free credit monitoring services to potential victims of the breach, is legitimate. But the company has identified a handful of scammers who are trying to take advantage of the public’s fear and confusion.

The Associated Press contributed to this report.

The News Tribune is pleased to provide this opportunity to share information, experiences and observations about what's in the news. Some of the comments may be reprinted elsewhere in the site or in the newspaper. We encourage lively, open debate on the issues of the day, and ask that you refrain from profanity, hate speech, personal comments and remarks that are off point. Thank you for taking the time to offer your thoughts.

Commenting FAQs | Terms of Service