The stolen username and password did not give the criminals direct access to Home Depot's payment system. But it did give the hackers access to a part of the company's network from where they could deploy malware on self-checkout systems in stores in the U.S. and Canada. The malware was a custom strain that Home Depot's security team had never seen before.
The malware was designed to evade antivirus software and has since been eliminated, Home Depot officials said.
For that, they had to turn to a vulnerability in Microsoft Windows that was patched only after the breach occurred, according to a story in Thursday’s Wall Street Journal.
Point 3: a malware strain designed to siphon data from cards when they are swiped at infected point-of-sale systems running Microsoft Windows.
Trend said the updated version, which it first spotted on Aug. 22, sports a few notable new features, including an enhanced capability to capture card data from the physical memory of infected point-of-sale devices.
Trend notes that the new BlackPOS variant uses a similar method to offload stolen card data as the version used in the attack on Target.
“In one the biggest data breach[es] we’ve seen in 2013, the cybercriminals behind it offloaded the gathered data to a compromised server first while a different malware running on the compromised server uploaded it to the FTP,”
The best way to view this information is that BlackPOS – the malware used…