A Russian teenager authored the malware behind the Target data breach during the holiday shopping season, a cyber security firm said Sunday, and the same malware may have also been involved in the Neiman Marcus attack, it says.
IntelCrawler, based in Los Angeles, says Sergey Taraspov, with roots in St. Petersburg, authored the code and sold it for about $2,000 to dozens of cybercriminals in Eastern Europe and other countries.
"The probability is rising that the perpetrator of the (Target breach) got the program from him," says Dan Clements, IntelCrawler president.
The firm says Taraspov is "close" to 17 years old. The firm's CEO did the first report on the malware, known as BlackPOS, earlier last year and Taraspov was identified then as the author, Clements says. Taraspov is a well known programmer of malicious code in the underground world, IntelCrawler says.
Target, the nation's second-largest retailer, has apologized for the security breach, which it said affected up to 110 million shoppers. Neiman Marcus has not said how many customers were affected by its breach, though several security analysts have said they believe it was at least 1 million shoppers.
Clements says IntelCrawler has uncovered six other breaches at retail stores, including two small clothing firms in Los Angeles and four mid-sized department stores in Colorado, Arizona, New York and California. The firm declined to name the retailers but says it has forwarded information to law enforcement officials.
The software enabled the thieves to remotely hack into the retailers' computer systems and obtain customer credit card and pin numbers and send back to a computer controlled by cyber thieves.
State and federal officials, including the Secret Service, have launched an extensive investigation into the breaches.