Home Depot Inc. (NYSE:HD) has admitted that it's investigating a possible theft of credit card information from its store register machines, and it now appears the company was infiltrated using the "BlackPOS” program, the same one used to steal details from tens of millions of Target Corp. (NYSE:TGT) customers in a high-profile hack last year.
The Atlanta home and garden company last week said it is aiding a law enforcement investigation prompted when the retailer detected “unusual activity” in its financial system. That unusual activity could be more serious than originally thought after a source close to the investigation told Brian Krebs, a respected cybersecurity researcher and author, that a variant of BlackPOS was detected at some Home Depot stores.
The company has yet to confirm that it’s been hacked, but if the BlackPOS malicious software, or “malware,” is behind the unusual activity, then it’s a safe bet that Home Depot is concerned. The malware successfully stole the personal information of at least 70 million Target customers during the 2013 holiday shopping season, a vast breach that left Target with a black eye in part because of the company’s reluctance to admit that such an infiltration had occurred.
For evidence that the same BlackPOS was used, Krebs cited not only his sources but also the fact that the stolen credit card information has appeared for sale on Rescator.cc, the same Internet black market where millions of the Target credentials were sold.
The identity of the criminal or criminals who carried out the attack has yet to be determined, but Krebs explained that hidden deep within the BlackPOS code were anti-American jokes about U.S. involvement around the world.
“Three of the links point to news, editorial articles and cartoons that accuse the United States of fomenting war and unrest in the name of democracy in Ukraine, Syria, Egypt and Libya,” the researcher wrote. “One of these images shows four Molotov cocktails with the flags of those four nations on the bottles, next to a box of matches festooned with the American flag and a match ready to strike. Another link leads to an image of the current armed conflict in Ukraine between Ukrainian forces and pro-Russian separatists.”