[prev in list] [next in list] [prev in thread] [next in thread] 

List:       isn
Subject:    [ISN] Neiman Marcus Hackers Set Off Nearly 60K Alarms
From:       InfoSec News <alerts () infosecnews ! org>
Date:       2014-02-24 8:35:23
Message-ID: alpine.DEB.2.02.1402240835120.19116 () infosecnews ! org
[Download RAW message or body]

http://www.pcmag.com/article2/0,2817,2453873,00.asp

BY STEPHANIE MLOT
PC MAG
FEBRUARY 23, 2014

A month after Neiman Marcus revealed a hack of customer credit and debit 
cards, Bloomberg Businessweek said the attackers set off the retailer's 
security system about 60,000 times during their strike.

Between July and October 2013, hackers quietly collected card data via 
"sophisticated, self-concealing" malware installed on Neiman's system, the 
company said in January. But the exploit took about eight months, 
Bloomberg said; the hackers were forced to reload their software daily, as 
it was automatically deleted from the retailer's registers each day. That 
process also meant that the hackers often tripped hundreds of alarms, 
which were not detected by Neiman Marcus.

A Neiman Marcus spokeswoman declined to comment, pointing PCMag to the 
Bloomberg story, which quoted her as saying that the hackers were smart 
enough to give their malware a title almost identical to the company's 
payment software, ensuring that alerts would not be picked out of the 
crowd.

"These 60,000 entries, which occurred over a three-and-a-half month 
period, would have been on average around 1 percent or less of the daily 
entries on these endpoint protection logs, which have tens of thousands of 
entries every day," the company said.

[...]



--
Subscribe to InfoSec News
http://www.infosecnews.org/subscribe-to-infosec-news/
[prev in list] [next in list] [prev in thread] [next in thread]