scorecard
  1. Home
  2. Retail
  3. The Target Malware Code Included A Reference To A Top Xbox Gamer And Ukraine

The Target Malware Code Included A Reference To A Top Xbox Gamer And Ukraine

Pamela Engel   

The Target Malware Code Included A Reference To A Top Xbox Gamer And Ukraine
Retail1 min read

Malware code

REUTERS/Jim Urquhart

An analyst looks at code in the malware lab of a cyber security defense lab at the Idaho National Laboratory in Idaho Falls, Idaho.

Bloomberg Businessweek has come out with a big cover story on the Target data hack, which revealed odd references to Ukraine in the malware code used for the attack.

The magazine's reporting revealed Target probably could have prevented the hack if it paid attention to security alerts about malware that hackers installed on the company's system.

Another interesting tidbit from the story: One of the passwords in the malware code was Crysis1089, an apparent reference to mass protests in Ukraine in October 1989.

There were also other potential references to Ukraine embedded in the code.

From Businessweek:

The guts of the malware code provided some intriguing leads. One of the passwords was Crysis1089. That happens to be the nickname of an Xbox gamer. (His rank on the Xbox Live global leaderboard as of March 10: 11,450,001.) It also appears to be a reference to the October 1989 date of mass protests that preceded Ukrainian independence and the dissolution of the Soviet Union.

There was another name embedded in the exfiltration code: Rescator. The alias, a reference to a pirate in the 1967 French film Indomptable Angélique, belongs to a prolific Ukrainian trafficker in stolen credit card numbers. Rescator operates several online card number sites-cheapdumps.org and Lampeduza.la, to name two-that use the country domains of Laos, Somalia, and the former Soviet Union, among others. Rescator isn't the only reseller pushing the stolen Target data, but according to Krebs and several other security investigators, he's the most active, apparently operating with impunity out of the Black Sea port of Odessa.

It's unclear whether the hacker Rescator was actually involved in the Target data breach.

Read the full story at Businessweek >

READ MORE ARTICLES ON


Advertisement

Advertisement