Details of the Target hack are slowly becoming clear.
Two coders have been associated with the malware. It appears that initial entry to the Target network was made via standard methods (eg weak passwords), and the target of the attack was the server that processed the card data. From there, the malware was installed on the POS terminals.
The malware itself grabbed the unencrypted data from memory during the period of time that it is unencrypted in order to allow authentication to take place. The data was then stored locally and transmitted to a compromised collection server on a scheduled basis.
No comments:
Post a Comment