Phishing email led to Target cyberattack

Minneapolis — A “phishing” attack using an email containing malware reportedly enabled hackers to gain access to Target’s computer network in 2013. According to the security blogger Brian Krebs, an employee at the HVAC vendor Fazio Mechanical in Sharpsburg, Penn. which includes Target among its clients, opened a fraudulent email that allowed hackers to enter Fazio’s network and take over a computer.



The hackers then used that computer to gain access to the Target network using credentials for a dedicated link between Target and Fazio. The hackers may have used a malware program called Citadel to initially enter Fazio’s network, and are believed to have used an Eastern European malware program known as Kaptoxa to penetrate Target’s internal systems and databases.



Krebs also reports that the initial malware attack on Fazio may have happened as early as September 2013, two months prior to when the Target attack is currently believed to have started, and that Fazio’s computer security may have relied upon a free version of the Malwarebytes Anti-Malware program.