Do you remember the huge credit card hack that forced Target's CEO to step down earlier this year? Now we know the same malware was used to infect Home Depot's point-of-sale software in the attack reported last week.
I'll explain how it works and show what to do to protect yourself.
The malware that cyber criminals are using is called BlackPOS. It piggybacks itself onto a physical store's credit card authorization system, and copies the personal information from every card swiped at an infected register. From there, the hackers sell packaged "dumps" of the stolen cards and personal information online.
What tipped security experts off about the Home Depot hack's similarity to Target was the place where the "dumps" were being posted. It was the same as the Target hack.
Here's what's scarier though: The point-of-sale attacks might even have an anti-American angle. Many of the links that security experts found packed into the "BlackPOS" malware went to sites that had images, according to Krebs On Security, like this:
"One of the images shows four Molotov cocktails with the flags of those four nations on the bottles, next to a box of matches festooned with the American flag and match ready to strike."
The only way to stay protected from situations like this is to identify whether or not you've been to Home Depot recently. From there, you'll have to keep a close eye on your account activity. Be sure that there aren't any strange charges on your card.
If you're a frequent customer to Home Depot, you might want to consider changing your card. Or at least contact your bank about what you can do.
Here's more information about the Target hacks, which called for the same measures you should take now:
- Target, UPS, SuperValu hacks: All connected and way worse than we knew
- Why that massive Target hack is good for consumers - and what you need to do to stay safe
- Hackers stole your information from target - now what do you do?