CHINA TOPIX

Updated 11:29 AM EDT, Tue, Jun 16, 2020

Make CT Your Homepage

BlackPOS Malware Hacks into Home Depot; Steals Credit Card Data

Home Depot

(Photo : Wikimedia Commons) A Home Depot retail outlet

Forensic investigators have identified the malware used to hack Home Depot's retail network.

BlackPOS is likely the culprit in the enigmatic cyber attack on Home Depot. It took forensic investigators six days for to figure out what they were facing.

BlackPOS is a strong malware strain and supercharged version of software used in Target's massive information breach in December 2013.

Like Us on Facebook

The malware, also known as Kaptoxa, was developed to steal important information from credit cards used at digital registers or point-of-sale terminals infected with the malicious code. BlackPOS only compromises computers running on Microsoft's Windows operating system.

The hack of Target, which resulted in the theft of almost 70 million customers' credit card information and ran up over US$100 million in fraudulent charges, was caused by a Kaptoxa variant. 

Police investigators discovered that only one point-of-sale terminal was infected by the BlackPOS malware. The breach of led to the resignation of chief executive officer Gregg Steinhafel.

The damage inflicted on Home Depot by the hack is still being assessed. The home improvement company only learned of the attack from its partner banks.

The banks told Home Depot that credit card credentials dumped on Rescator.cc and other suspicious cyber black market sites were traced back to Home Depot.

Although the banking associates noticed the anomalies back in April, Home Depot only began its investigation last week.

Home Depot CEO Francis Blake, however, claimed no personal consumer identification numbers were stolen.

This claim was refuted by the blog Krebs on Security, which reported that credit card credentials from Home Depot were still being sold on shady black market sites as of Tuesday.

Krebs also said the information stolen from Home Depot has the owner's full name, city, state and ZIP code of the store from whence it came.

Real Time Analytics