Skip to main content
  1. Tech
  2. Gadgets & Tech
  3. Tech Gear

Target's POS malware exposed: RAM scraper grabbed unencrypted data from live RAM

See also

On Sunday, Chairman and CEO Gregg Steinhafel spoke to CNBC and detailed the aftermath of the break-in that occurred through the company' point of sale registers, exposing tens of millions of customer transactions to hackers. On that same day, though, sources also said that Target and Neiman-Marcus -- which came forward on Friday and reported its own hack -- are not alone, and that smaller data breaches from at least three other well-known U.S. retailers are still undisclosed.

Steinhafel said:

Sunday (Dec. 15) was really day one. That was the day we confirmed we had an issue and so our number one priority was ... making our environment safe and secure. By six o'clock at night, our environment was safe and secure. We eliminated the malware in the access point, we were very confident that coming into Monday guests could come to Target and shop with confidence and no risk.

Day two was really about initiating the investigation work and the forensic work ... that has been ongoing. Day three was about preparation. We wanted to make sure our stores and our call centers could be as prepared as possible, and day four was about notification.

While it was confirmed that malware attacking Target's POS registers was at fault, it did not disclose the actual methodology behind the hack.

However, sources speaking to Reuters said the hackers attackers used similar techniques in all the attacks. One of the tools was what is known as a RAM scraper, or memory-parsing software, which grabs data from live RAM where it is transmitted "in the clear" (unencrypted).

Interestingly, Visa issued two alerts about these types of attacks last year, in April 2013 (.PDF) and again in August 2013 (.PDF).

Although Target said on Friday that since the data breach was announced, the company had seen "meaningfully weaker-than-expected sales," Steinhafel said that, as that day, Target's "shopping trends" were nearly back to normal.

Advertisement

Don't Miss

  • Massive
    Ubisoft Massive exclusive: 'The Division', PS4 & Xbox One, Activision to Ubisoft & more
    Camera
    Games Exclusive
  • iPhone
    Get your wallet ready: The next iPhone could cost $100 more than your last one
    Video
    Tech Buzz
  • Civ
    Need to catch up on 'Sid Meier's Civilization'? Here is everything you need to know
    Camera
    Games Feature
  • Google Glass
    See how Google Glass is letting sick kids go to the zoo without leaving the hospital
    Tech News
  • Upcoming
    These are 2014's biggest PS4, Xbox One and Wii U games
    Camera
    Games Feature
  • Google
    Google has filed for a patent to develop contact lenses capable of taking photos
    Video
    Headlines

User login

Log in
Sign in with your email and password. Or reset your password.
Write for us
Interested in becoming an Examiner and sharing your experience and passion? We're always looking for quality writers. Find out more about Examiner.com and apply today!