Articles Tagged with Backoff Malware

These days it seems that with far too much frequency there is continually breaking news about another retailer with online outlets being victimized by a security breach. The latest of these high tech break-ins was successfully aimed at Home Depot and turned out to be executed by a low-tech method; at least when first hijacking their network.

The well-known distributor of appliances and supplies for home and garden items released news that show that a breach which began in April of this year and went undetected through September allowed hackers to steal credit and debit card data of fifty-six million customers. The news got worse when the company announced last week that in addition to the credit data being compromised as many as fifty-three million email addresses were also revealed to the hackers through the attack.

The hackers didn’t have to break through any firewalls or tough encryption protocols or even find a flaw in their Website’s security code. They did it the old fashioned way by stealing a vendor’s login information to gain access to their network.

Once inside the system the online bandits were able to move around the network and plant malware known as “Backoff” which in this case was custom-built, accessing records of customer’s credit and debit card information at point of sale terminals that were located throughout the United States and Canada. This type of bug had been previously flagged by the Secret Service leading the Agency to issue an advisory that warned businesses of the threat before this latest attack took place.

According to Kaspersky Labs a well-regarded cyber security company, the amount of companies targeted by this method may easily have exceeded the more than one thousand companies thought to be affected by it based on estimates released by federal officials.

The technicians from Kaspersky found that during a period of only a few days of their investigation, in excess of one hundred networks from eighty-five separate IP addresses were attempting to link to what are technically known as malicious command-and-control servers.

Malicious command-and-control servers are used in cyber-attacks for the purpose of maintaining communication with systems that have been previously compromised within a network that has been breached. Ninety-seven of those infected systems were in the U.S and Canada with the other small group targeting Israel and the United Kingdom.

It appears that most of the systems were compromised quite a while ago, since this particular Backoff component had been identified as early as October of last year according to one of the senior security researchers at Kaspersky. “Looking at the bigger picture here, these companies were infected for a very long time, maybe even half a year or longer,” said Roel Schouwenberg, the senior security researcher that was interviewed and speculated that the companies under attack “should have detected and blocked any malicious activity related to the malware” and then added that “none of the companies appears to have even known they were infected.”

It appears that Home Depot did not learn from the massive data breach earlier this year against Target stores that affected more than 100 million customers. The company has been accused of not keeping up-to-date on necessary security measures that would have made them aware of the planted malware ultimately thwarting the break-in and subsequent data theft.

The implications of such a theft of data are usually not immediately felt but the threat continually exits without taking measures to protect the stolen data. That’s not to say that there aren’t immediate financial ramifications.

Before the breach was even publicized a consumer class action suit was filed in federal court by First Choice Federal Credit Union that listed an extensive listing of damages. The case was filed in Georgia which is Home Depot’s hub.

First Choice which is located in New Castle, Pennsylvania filed the suit on behalf of financial institutions including credit unions and banks anticipating that they will be suffering injuries as a result of a massive security breach which compromised the retailer’s customers’ names, and zip codes of the stores marked by the theft, debit and credit numbers along with their expiration dates, and verification codes. The suit also mentions the immediate costs of redistributing new cards and other costs involving the intensity of labor needed to achieve it. To sum it up, the complaint states that “Home Depot utilized weak password configurations and did not employ lockout security procedures at its remote access points.”

In Florida, the breach affected 434,000 members of credit unions. With the average cost of each card estimated to be just over eight dollars it will cost close to three and one half million dollars to replace and reissue the cards as well as sustaining additional costs for notifying their members by way of additional staffing. Charges will also be incurred for the monitoring of the affected accounts. These figures are according to the League of Southeastern Credit Unions and Affiliates.

To read more in detail about computer and Internet cases visit the following page on my Website: https://www.southflalaw.com/federal-computer-crimes.html

Continue reading ›

Contact Information