It looks like the hackers that hit Target had lots of other, well, targets. The Department of Homeland Security recently sent retailers and financial service companies a secret memo warning that the Target hit appeared to be part of a larger international campaign, the Wall Street Journal reports, an insight gleaned with the help of Dallas cybersecurity firm iSight Partners. Yesterday, iSight released its own report, saying that a virus it's calling KAPTOXA "has potentially infected a large number of retail information systems"—and noting that the "intrusion operators displayed innovation and a high degree of skill," particularly in terms of the "operational sophistication" of the hack. The Journal shares this feature by way of example: The virus focused on stealing data during the peak hours of 10am and 5pm; the data was housed in a Target server that the hackers later accessed.
The virus attacks point-of-sale systems in a way that is "new to eCrime," subverting traditional efforts to protect consumer data, the report warns, according to NBC. Parts of the code, which is impervious to all known antivirus software, have been online since last spring. It's partly in Russian, which US officials think may indicate a link to organized crime in the former Soviet Union. The finding follows reports of similar breaches at Neiman Marcus. That breach had gone unnoticed since July, the New York Times reports today; Neiman's system was only fully secured Sunday. (More KAPTOXA stories.)