A programmer from Saratov, Russia, has claimed responsibility for arming the Kaptoxa malware used to steal personal details of about 110 million customers of the US retail chain Target and other stores.
In a recent interview with the Russian website lifenews.ru, Rinat Shabayev has admitted that he modified Kaptoxa (also known as BlackPOS), a tool that can be used to test computer systems for vulnerabilities. Apparently he later sold the malware on an open market, with the knowledge that it may be used for criminal purposes.
Shabayev says he never used Kaptoxa to steal data himself. He is currently looking for a well-paid job and has already received an offer. The story seems to side with with earlier reports that part of the Kaptoxa code was written in the Russian language.
According to Shabayev, Kaptoxa (Russian for potato, written in ‘volapuk’ code) was created for sale through subversive hacker communities. While working on a modification, the programmer known online as ‘ree4’ had collaborated with an anonymous partner whom he met online. The two people did not stay in touch and Shabayev says he doesn’t even know where the other contact resides.
Shabayev told lifenews.ru. “If the software is used with bad intentions, you can earn decent money, but that’s illegal. I didn’t want to do this kind of work, simply wrote it for sale, so I didn’t have to use it myself. Other people can use it, and it will be on their conscience.”
Between 27 November and 15 December, 40 million card details and 70 million personal records including names, mailing addresses and phone numbers of Target customers were compromised. The attack was specifically aimed at Point-Of-Sale (POS) payment systems.
To apologise, the retailer offered one year of free credit monitoring and identity theft protection to all guests who shopped in its US stores. Despite this gesture, multiple lawsuits have been filed across the United States by Target customers in regards to the information theft.
[Image via investing]