National News
RAM Scrapers at Heart of Massive Retail Credit Data Breaches
February 03, 2014 posted by Steve Brownstein
Attackers most likely used a random access memory scraper to compromise point of sale terminals at Target and Neiman Marcus, and then steal credit card data and other account information, according to security experts.
The online thieves grabbed at the stage before the data was encrypted, says Sophos adviser Chester Wisniewski.
"They are doing the same thing that the [National Security Agency] does," he says.
"You read it before it is encrypted or after it is decrypted, then you don't have to break the encryption."
The technology is not new, but modern versions are sophisticated.
The latest versions include a malware threat alternatively known as Trackr and Alina, which has been used to target a variety of industries.
The software looks for a broader range of data and takes steps to hide its tracks, such as encrypting stolen data, according to Wisniewski.
Moreover, attackers have added legitimate-sounding file names to deceive victims and linked the code using botnet functionality.
eWeek (01/13/14) Lemos, Robert
