Alistair Barr, USA TODAY
SAN FRANCISCO - The U.S. Federal Bureau of Investigation reportedly warned retailers that there will be more cyber attacks after discovering about 20 hacking incidents in the past year involving similar malware used in the massive Target holiday data breach.
Th FBI sent a report dated Jan. 17 to retailers describing risks posed by "memory-parsing" malware that infects point-of-sale (POS) systems, Reuters reported, citing the document "Recent Cyber Intrusion Events Directed Toward Retail Firms."
"We believe POS malware crime will continue to grow over the near term, despite law enforcement and security firms' actions to mitigate it," said the FBI report, seen by Reuters.
"The accessibility of the malware on underground forums, the affordability of the software and the huge potential profits to be made from retail POS systems in the United States make this type of financially motivated cyber crime attractive to a wide range of actors," the FBI added.
The POS malware attack against Target compromised the data of more than 100 million people during the busy holiday shopping period. Luxury retailer Neiman Marcus said this week that a similar attack earlier in 2013 affected 1.1 million cards.
One version of the POS malware, known as Alina, included an option that allowed remote upgrades, making it tougher for corporate security teams to identify and eradicate it, the FBI report said.
At least one type of this malware has been offered for sale for as much as $6,000 in a "well-known" underground forum," the FBI added.