Home Depot Malware Pretended To Be Anti-Virus Protection

The huge cyber attack on Home Depot apparently used malware that was disguised as anti-virus protection (beware of cybergeeks bearing gifts), which suggests that, contrary to earlier reports, it was likely not the same group that hit Target.

“The (payment) card-stealing program used in the attack on the Atlanta-based retailer is being dubbed FrameworkPOS and differs significantly from the software used last year to hack Target Corp., said Dan Guido, chief executive officer of Trail of Bits, an information security company,” according to a Bloomberg report.  “Guido, who reviewed technical information about the Home Depot incident, said the differences in the malware are strong indicators that the hacks are probably the work of two different groups.”

The story quoted a different cyber security researcher saying that the malware name “s derived from the McAfee Inc. antivirus agent it impersonates. The malware’s disguise was meant to keep Home Depot’s security team from taking a deeper look even if the retailer wasn’t deploying McAfee products on its registers or elsewhere in its network,” Bloomberg said.