Even though police have arrested two people in Texas who have used stolen Target credit card information, the hackers behind the breach will likely never be found, AP reports. The breach, in which 40 million credit and debit card numbers were stolen along with the personal information for 70 million customers, was likely carried about out by Russian or Eastern European hackers. These hackers are likely part of a complex heirarchy that keeps them several layers removed from the arrested card users.
At the lowest level, there are the card users who buy the stolen credit and debit card information and use it to buy expensive goods. They likely buy this information from spam emails sent out by recruiters. They are then sent the information, and instructed on how to use it. They can either use the card for online shopping or encode it onto a blank card using an inexpensive gadget. Using a stolen card is risky, so the actual card users are the most likely to get caught.
On the next level, there are the recruiters who send out the spam emails to the card users. Once they buy, the recruiter sends them the credit card information and instructs the card users to buy lots of expensive merchandise, in exchange for a small percentage of the merchandise’s value. Once a card buyer is arrested, the only information they are likely to have about the recruiter is their email address, making it difficult for police to find the recruiters.
Then there are the actual hackers, who carried out the attack and sold the credit and debit card information to recruiters. They likely did not write the code that was used, but bought it off the black market.
At the top are those who wrote the original code that was used to attack Target. The creators of this code likely did not use the code; instead, they sell their code to the hackers. In Target’s case, the code appears similar to a program that sells on the black market for $1,800 and likely came from Russia or Eastern Europe.