Target's point-of-sale terminals infected with malware

code
Up to 110 million have been affected by the breach

The CEO of retailer Target has revealed in an interview that the company point-of-sale (PoS) system were infected with malware, confirming what security experts had expected back during the huge data breach at Target in December.

Greg Steinhafel told CNBC: "We don't know the full extent of what transpired, but what we do know is that there was malware installed on our point-of-sale registers. That much we've established."

Originally the American retail giant said that approximately 40 million credit card and debit card accounts may have been compromised by the breach. Now the company has announced that personal data, including names, addresses and emails, had also been stolen from an additional 70 million.

How is it done?

Malware programs designed for PoS systems are commonly referred to as RAM scrapers, because they search the terminal's random access memory (RAM) for transaction data and steal it.

PoS systems are actually computers with peripherals like card readers and keypads attached to them. Many of these systems run a version of Windows Embedded as the OS as well as special cash register software.

With the information from a card's magnetic stripe, known as track 1 and track 2 data, cybercriminals can effectively clone the card. However, they also need the PIN in order to withdraw money from an ATM or perform fraudulent transactions with a cloned debit card.

A post on an underground blog also surfaced recently with the author asking for aid in deciphering a 50GB collection of encrypted PIN codes. Researchers at IntelCrawler followed the discussion and determined that some of the cards in a sample provided by the author were issued by U.S and Canadian banks.

The recent request by the underground to decrypt PIN data may be coincidental to the Target breach or possibly some of the actual perpetrators floating the sample to see what resources and success the power of the underground has had or could have given the magnitude and value of the Target breach," they said in a blog post.

TOPICS
Latest in Security
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Broadcom warns of worrying security flaws affecting VMware tools
Android Logo
Devious new Android malware uses a Microsoft tool to avoid being spotted
URL phishing
HaveIBeenPwned owner suffers phishing attack that stole his Mailchimp mailing list
Ransomware
Cl0p resurgence drives ransomware attacks to new highs in 2025
Google Chrome
Google Chrome security flaw could have let hackers spy on all your online habits
cybersecurity
Chinese government hackers allegedly spent years undetected in foreign phone networks
Latest in News
A young woman is working on a laptop in a relaxed office space.
I’ll admit, Microsoft’s new Windows 11 update surprised me with its usefulness, providing accessibility fixes, a gamepad keyboard layout, and PC spec cards
inZOI promotional material.
inZOI has become the most wishlisted game on Steam, but I wouldn't get too caught up in the hype
Xbox Series X and Xbox wireless controller set to a green background
Xbox Insiders are currently testing a new Game Hub feature that looks useful, but I've got mixed feelings about it
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Broadcom warns of worrying security flaws affecting VMware tools
Nespresso Vertuo Pop machine in Candy Pink with coffee drinks and capsules
My favorite Nespresso coffee maker just got a fresh new makeover, and now I love it even more
Microsoft Surface Laptop and Surface Pro devices on a table.
Hate Windows 11’s search? Microsoft is fixing it with AI, and that almost makes me want to buy a Copilot+ PC