Kmart is fighting a malware security breach of its credit card processing systems, the second cyber attack on the big box retailer in less than three years. Kmart’s parent company, Sears Holdings Corp., released information outlining the malware attack after the company discovered unauthorized credit card activity following certain customer purchases at Kmart stores. The company battled a similar breach in October 2014 where the company stressed that no personal information or data was stolen.
Both attacks involved malware designed to steal credit and debit card data from point-of-sale (POS) systems and then makes copies the data stored on the card’s magnetic strip. The data can then be used to clone the cards to be used for purchases.
Researchers have discovered a malware infection of staggering scope and destructive potential and it is called “Fireball”. The malware package is believed to have infected more than 250 million computers worldwide and is present on 20% of corporate networks, with major infection centers in India, Brazil, and Mexico.
The malevolent software appears to be mainly intended to generate fake clicks and traffic for its creator, a Beijing advertising firm called Rafotech. When installed, the software redirects a user’s browser to websites that mimic the look of the Google or Yahoo search homepages. The fake pages surreptitiously gather private information about the user using so-called tracking pixels.
References: Fireball Malware Could Spark 'Global Catastrophe' After Infecting 250 Million Computers | After WannaCry, Fireball Malware Infects 250 Million Computers; India Worst Affected | ‘Fireball’ Malware From China Hits 250M Devices
*IP addresses provided by Recorded Future.
Want to learn about Alert Logic products in more detail? Call us direct at +1.877.484.8383, for the UK call +44 (0) 203 011 5533, or complete this form. An Alert Logic representative will contact you soon.