17-year-old suspected to be creator of BlackPOS malware used in Target data breach

Security firm IntelCrawler has been analyzing the recent massive data breaches of Target and Neiman Marcus.  The company said that it has identified the creator of the malware used in these attacks.

According to its report, Sergey Taraspov, a 17-year-old boy from Russia with the online handle 'ree[4]', allegedly first created a sample of the BlackPOS malware in March 2013.

Initially the malware was referred to as "Kaptoxa" ("potato" in Russian slang); the creator later referred to it as "Dump memory grabber" in underground forums. The name "BlackPOS" came from the title used in C&C communications.

BlackPOS is RAM-scraping malware written entirely in VBScript. It is designed to be installed on POS devices and steals all data from cards swiped through the infected system.

Based on its own sources, the organization determined that the first victims of the malware were point-of-sale (PoS) systems in Canada, the US and Australia.

He has sold more than 40 builds of his creation to cyber criminals from Eastern Europe and other countries, for $2,000.

The hacker has created several hacking tools, including a brute-force attack tool and other malicious tools. He has also made some money from training in DDoS attacks and social network account hacking.

However, the organization said that the real cybercriminals behind the Target data breach were just customers of his.

Update: 
After further investigation, IntelCrawler determined that the original author of the BlackPOS malware is Rinat Shibaev. Sergey Taraspov is actually one of the technical support members.