Thursday, April 8, 2010

Hacker of TJX gets 20 years

As mentioned previously, hacker Albert Gonzalez had plead guitly and was convicted  and senteced to 20 years in prison for his role in a variety of computer fraud including TJX, Heartland payments 7-11 and other corporations. How did he do it you ask?

Using a SQL-injection attack, the hackers broke into the 7-Eleven network in August 2007, stealing an undetermined amount of card data. They used the same kind of attack to infiltrate Hannaford Brothers in November 2007, which resulted in 4.2 million stolen debit and credit card numbers; and into Heartland on Dec. 26, 2007. Of the two unnamed national retailers mentioned in the affidavit, one was breached on Oct. 23, 2007, and the other sometime around January 2008.

Once on the networks, the hackers installed back doors to provide them with continued access. They tested their malware against 20 different antivirus programs to make sure they wouldn’t be detected, and also programmed the malware to erase evidence from the hacked networks to avoid forensic detection.

No comments:

Post a Comment