Report: Nieman Marcus, Target weren’t the only holiday hack victims

According to a Reuters report based on “sources familiar with attacks on other merchants,” Nieman Marcus and Target weren’t the only high-profile, US retailers to be hacked during the 2013 holiday season. The news agency did not identify what specific retailers have also been affected, but it reports at least three other US retailers (“with outlets in malls”) suffered breaches that have yet to be publicly disclosed.

These additional attacks allegedly implemented the same techniques that infiltrated Target. While Target has not officially disclosed any techniques, Reuters’ sources said one of the hacking tools was a RAM scraper. The news agency describes this as memory-parsing software “which enables cyber criminals to grab encrypted data by capturing it when it travels through the live memory of a computer, where it appears in plain text.”

RAM scraping is not a new tactic and Ars Security Editor Dan Goodin has covered similar tools before (see sidebar). He notes RAM scraping is useful when dealing with encrypted information, since sometimes the only way to access the underlying plaintext is to extract it from computer memory. Still, it’s important to note the RAM scraping detail from Reuters is still speculative and the agency acknowledges it’s only one of a variety of techniques that may be involved.

Read 1 remaining paragraphs | Comments

via Ars Technica http://ift.tt/1dg04Ty

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s