In his Krebs on Security blog published late Sunday, security researcher Brian Krebs cited “sources close to the investigation” who told him that two different variants of the same malicious software were responsible for cyberattacks against both retail chains. Specifically, one of the sources said that at least some of Home Depot’s store registers were infected by a new variant of a malware strain known as “BlackPOS,” the same type of malware found on point-of-sale systems at Target in last year’s attack.
Detailed in August by security provider TrendMicro, the new BlackPOS variant specifically appears to be aimed at retail accounts as it has the ability to steal credit and debit card information from the physical memory of a point-of-sale device, Krebs explained. The new variant can also masquerade itself as a feature of antivirus software. More