The software used to steal customer data from Target and other retailers appears to have been developed by a teenage Russian hacker, officials with a California cyber-intelligence firm say.
Security researchers at IntelCrawler in Los-Angeles say it's highly likely that a 17-year-old hacker in St. Petersburg, Russia, is the source of the KAPTOXA malware hackers installed on Target's cash registers that allowed them to steal 40 million debit and credit card numbers and the names, email and street addresses of 70 million customers.
IntelCrawler officials say they're confident the Russian teen is the source for the computer code, given electronic evidence he has left behind. That includes online posts offering the software for sale.
"It's highly probable he's the author because there are numerous posts of him posting this software and then offering it for sale for $2,000," IntelCrawler president Dan Clements said. "Or he would give you the program if you would split the profits with him.
"We tracked him for quite a while," Clements said. "Is he the actual perpetrator? We don't know that. He is the source for the code. And we are tracking nine of his underlings that had access to the program."
Officials with iSight Partners, a Dallas company that focuses on cyber threat intelligence and is working with the U.S. Secret Service to investigate the data breach, said this week that KAPTOXA has apparently infected a large number of retailers' point-of-sale systems. It would not confirm which retailers got hit by the malware. But Target has been the highest-profile victim of such attacks.
Secret Service officials declined to comment.