KAPTOXA POS Report Overview – “iSIGHT Partners, working with the U.S. Secret Service, has determined that a new piece of malicious software, KAPTOXA (Kar-Toe-Sha), has potentially infected a large number of retail information systems. This software can find, store, and then transmit sensitive information such as credit card and PIN numbers. These findings are part of a need-to-know joint report released today by the Department of Homeland Security, USSS, FS-ISAC and iSIGHT Partners. The use of malware to compromise payment information storage systems is not new. However, it is the first time we have seen this attack at this scale and sophistication. Importantly, this software contains a new kind of attack method that is able to covertly subvert network controls and common forensic tactics, concealing all data transfers and executions that may have been run, rendering it harder to detect. Many retail organizations may not know that they have been infected, or that they have already lost data.”
- See also – New York Times: A Sneaky Path Into Target Customers Wallets - An examination by The New York Times into an enormous data theft shows that Target’s system was particularly vulnerable to attack; and Reuters Exclusive: Cybercrime firm says uncovers six active attacks on U.S. merchants.