Click to Skip Ad
Closing in...

FBI: More Target-like malware attacks are coming

Published Jan 24th, 2014 7:30PM EST
FBI Target Malware Attacks

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

In a confidential report for retailers that was seen by Reuters, the FBI is warning companies to prepare for Target-like malware attacks in the future, as the agency has discovered about 20 similar hacks that used the same software in the past year. 

“We believe POS malware crime will continue to grow over the near term, despite law enforcement and security firms’ actions to mitigate it,” the FBI report said. “The accessibility of the malware on underground forums, the affordability of the software and the huge potential profits to be made from retail [point-of-sale] POS systems in the United States make this type of financially motivated cyber crime attractive to a wide range of actors.”

The report apparently didn’t name any other potentially affected companies, but revealed that the bulk of POS attacks the FBI investigated involved small-to-mid sized local or regional businesses, with estimated losses ranging from tens of thousands to millions of dollars.

So far only Target and Neiman Marcus acknowledged data breaches – hackers managed to steal from Target over 40 million credit and debit card records complete with encrypted PIN numbers, and personal data belonging to 70 million customers, while Neiman Marcus said that 1.1 million credit cards were breached.

The POS software that allowed hackers to steal data is still available for sale in underground forums, with one version of it known as Alina having an option that allows hackers to remotely upgrade the malware in order to avoid detection. Such malware can retail for as much as $6,000, an attractive offer for people looking to hack retail chains.

Retailers are scared of such sophisticated potential attacks, one unnamed consultant who is advising companies in current investigations told Reuters.

“Everybody we work with in the retail space is scared to death because they don’t have a lot of defenses to prepare against these types of attacks,” the consultant said. “This is not just based on anybody saying ‘This is going to happen.’ This is based on statistical data that the FBI is seeing.”

Chris Smith Senior Writer

Chris Smith has been covering consumer electronics ever since the iPhone revolutionized the industry in 2008. When he’s not writing about the most recent tech news for BGR, he brings his entertainment expertise to Marvel’s Cinematic Universe and other blockbuster franchises.

Outside of work, you’ll catch him streaming almost every new movie and TV show release as soon as it's available.