CATEGORIES
home News

Home Depot Hack The Result Of New Variant Of BlackPOS Malware That Hit Target

by Rob WilliamsTuesday, September 09, 2014, 01:00 PM EDT

We reported a week ago today that Home Depot is the latest retailer to be struck by a security breach, and at the time, it seemed certain that the attack was similar to the one cast on Target last year. As it turns out, that happens to be the case, with the point-of-sale malware "BlackPOS" at the root of it all.

According to KrebsOnSecurity, which broke the news last week, modified BlackPOS malware infected some Home Depot stores. This malware is designed to siphon information from the credit card after it's swiped, and it supposedly only affects POS machines running Windows.

What's worrying is this: Since last week, even more batches of credit card numbers have hit the black market - nine in total. That's in addition to the two original batches, and like those originals, these new ones carry the label "American Sanctions".

Also potentially worrying is what this new version of BlackPOS brings to the table. It's able to fetch card data from memory, and it can also disguise itself to make it look like it's part of the anti-virus solution that exists on the system. Interestingly, the malware is also riddled with anti-American strings of texts, and even URLs that directly link to content that revolves around the country's current conflicts - mostly those to do with Libya and Ukraine.

That all aside, while it took a week to happen, Home Depot has today finally admitted that a breach has taken place:

Last Tuesday, September 2, we disclosed that we were investigating a possible breach of our payment data systems. We want you to know that we have now confirmed that those systems have in fact been breached, which could potentially impact any customer that has used their payment card at our U.S. and Canadian stores, from April forward. We do not have any evidence that the breach has impacted stores in Mexico or customers who shopped online at HomeDepot.com.

In response to this, the company will be offering free identity protection services, including credit monitoring, to any customer who shopped at a Home Depot store from April 2014 onward. If you're interested in taking advantage of this, you can head on over to this landing page.

Tags:  Malware, security, Hacking
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment