Russian Hacker Rinat Shabayev admits to be creator of BlackPOS Malware



Last week, cyber security firm IntelCrawler named the 17-year-old Russian "Sergey Taraspov" as creator of the BlackPOS Malware which was used in the Target data breach.

After further investigation, the company update its report saying that 23-year-old Russian hacker named "Rinat Shibaev" is the original author of this malware and Sergey is member of technical support team.

In an interview with Russian news channel LifeNews, Shibaev has admitted that he had developed the BlackPOS(also referred as Kaptoxa) malware.

The hacker says he just took readily available program and developed it with additional features.

He allegedly got help in developing the malware from an unknown person whom he had met online.  However, he said that he doesn't even know in which country the person lives.

The hacker also said that he created it for selling it to others, not to use the application by himself.

17 year old suspected to be creator of BlackPOS malware used in Target data breach


Security firm IntelCrawler has been analyzing the recent massive data breaches of Target and Neiman Marcus.  The company said that it has identified the creator of the malware used in these attacks.

According its report, Sergey Taraspov, a 17-year-old boy from Russia, with Online handle 'ree[4]', allegedly first created the sample of the BlackPos malware in March 2013.

Initially the malware is referred as "Kaptoxa"("potatoe" - in russian slang) which was later referred as "Dump memory grabber" in underground forums by the creator.  "BlackPOS" name came from the title used in C&C communications.

BlackPOS is a RAM scrapping malware totally written on VBScript which is designed to be installed on POS devices and steals all data from cards swiped through the infected system.

Based on its own sources, the organization determined that the first victim of the malware is Point of Sale(PoS) systems in Canada, US and Australia.

He has sold more than 40 builds of his creation to cyber criminals from Eastern Europe and other countries, for $2,000.

The hacker has created several hacking tools including a brute force attack and other malicious tools.  He has also made some money with the training for DDOS attacks and Social network accounts hacking.

However,  the organization said that the real cybercriminals behind the Target data breach were just customers of him.

Update: 
After further investigation, IntelCrawler determined that the original BlackPOS malware is Rinat Shibaev.  Sergey Taraspov is actually one of the technical support members.