Author of BlackPOS is a Russian teenager, researchers say
Posted on 20.01.2014
As the number of active attacks on US merchants continues to rise (we're up to six now), InterCrawler CEO Andrew Komarov believes he has discovered the identity of the author of the BlackPOS malware, modified versions of which have apparently used in the Target and Neiman Marcus breaches.

He scoured underground forums for information about the malware and says that BlackPOS was initially dubbed "Kaptoxa" ("potatoe" in Russian slang), its first version was created in March 2013, and its creator is a 17-year-old from St. Petersburg that goes by the online handle "Ree[4]" ("ree4").

Since then, the teenager has apparently sold over 40 builds of BlackPOS to cybercriminals from Eastern Europe and other countries, including the owners of underground credit cards shops, claims Komarov. He also says that several copies of the malware were sold by the teenager in the form of source code, and that he has modified the malware on demand in various occasions.

He was apparently asking $2,000 for the malware, or occasionally a percent of the stolen info. He also seems to have started his career as hacker by offering social account hacking services and by teaching others how to mount DDoS attacks.

InterCrawler researchers have also tied this malicious actor with a VK social profile, and posit that he might be one of a group of hackers with roots in St. Petersburg.


The evolution of backup and disaster recovery

Posted on 25 July 2014.  |  Amanda Strassle, IT Senior Director of Data Center Service Delivery at Seagate Technology, talks about enterprise backup issues, illustrates how the cloud shaping an IT department's approach to backup and disaster recovery, and more.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Mon, Jul 28th