FBI: More Target-Style Hacks on Way

20 other cases used similar malware in past year
By Arden Dier,  Newser Staff
Posted Jan 24, 2014 5:00 AM CST

(Newser) – A warning to shoppers: More cyber attacks like this one and this one are coming, according to a three-page confidential FBI report seen by Reuters, a determination the FBI made after finding some 20 hacking cases in the last year used the same type of malware as in the Target breach. Specifically, it's "memory-parsing" software known as a "RAM scraper," and it steals the transaction data from a credit or debit card's magnetic strip during the brief moment during the transaction process that the info isn't encrypted.

story continues below

While the software itself isn't new, it's been beefed up to avoid detection by anti-virus software, and it's being sold in underground forums for relatively cheap—about $6,000 in one case—which makes the crime "attractive to a wide range of actors," reads the Jan. 17 report. A cyber security expert tells NPR that magnetic strip cards are "totally unprotected" and "about the worst security that you can put into a payment system." While chip-enabled cards are far more secure—with data hidden behind encryption—Visa says it had only issued about 3.5 million chip cards as of mid-last year; the majority of users probably won't have them in their hands until next year. Upgrading merchant terminals and ATMs will take even longer. (Read more Target stories.)

We use cookies. By Clicking "OK" or any content on this site, you agree to allow cookies to be placed. Read more in our privacy policy.
Get the news faster.
Tap to install our app.