The most high-profile hack in recent months has no doubt belonged to mega-retailer Target, which suffered the theft of over 40 million credit card numbers around Thanksgiving. The hack is still being investigated, but independent journalist Brian Krebs discovered "memory-scraping" malware hiding on Target's POS this week. You can find all the details in Dan Goodin's story, Point-of-sale malware infecting Target found hiding in plain sight.
Ars readers, of course, had plenty of theories as to how that malware got there. nijave wrote, "The registers probably either network boot or periodically contact a server to check for updated versions automatically. I'm guessing they compromised the server that the POS systems boot/get updates from. That system is probably fairly easily accessible. Running a network vulnerability scanner probably would find an exploitable server they could install their command and control server on. This could have been one of the inventory management servers the registers are allowed to communicate with."
Spazmodica had a more big-picture view: "Target got completely hosed on this. There definitely seems to be an insider element, plus a fair amount of incompetency. But aside from some IT staff who will lose their jobs, the only harm is to the consumers whose data has been compromised. The corporation itself won't face any real consequences, since it's perfectly legal to lose consumer data in the USA (unless it's medical data), and of course here in America corporate executives are never held accountable for anything." And Scallywag quipped, "POS systems are, indeed, well named."
Read 12 remaining paragraphs | Comments
     |