The source of the Target data breach that occurred during last year's holiday season is most likely a malicious software company that was created by a teenaged hacker.
The culprit, BlackPOS software, was created by a 17-year-old Russian named Sergey Taraspov, the International Business Times reported Friday. Intelligence officials were able to connect BlackPOS to Target because the same type of malware was used in a 2012 security breach in a store in Canada.
Taraspov, a notorious malware programmer, sold BlackPOS software to several other hackers in Eastern Europe, the cyber protection company IntelCrawler told the IBTimes.
"He is still visible for us, but the real bad actors responsible for the past attacks on retailers such as Target and Neiman Marcus were just his customers," Dan Clements, IntelCrawler's president, told the IBTimes.
Some of Taraspov's customers included black market credit card companies, including "Track2.name," "Privateservices.biz" and ".rescator," the IBTimes reported.
Luxury store Neiman Marcus announced on Jan. 11 that the credit card information of millions of its customers was hacked during the 2013 holiday season. The security breach was announced just weeks after Target Corporation said 40 million of its customers had their credit and debit card information stolen during a three-week period that began around Thanksgiving. Target later reported that 70 million of its customers had their information compromised.
IntelCrawler also said that six other U.S. retailers were hacked Friday by the same BlackPOS malware used for Target and Neiman Marcus. IntelCrawler's chief executive, Andrew Kamarov, told IBTimes that only two of the stores have been identified, but did not release the names.
Kamarov told Reuters that some of the retailers are in New York and California.
IntelCrawler is working with Visa Inc., and other intelligence firms and law enforcement to thwart the security breach, the IBTimes reported.
© 2025 HNGN, All rights reserved. Do not reproduce without permission.
