The author of BlackPOS malware professes his innocence and good faith

by Pierluigi Paganini on January 22nd, 2014
Thanks to efficient investigation conducted by private firms like IntelCrawler, the BlackPOS author was identified, and he professes his innocence and good faith.

I was within the official source to spot the 23-year-old teenager who developed the BlackPOS malware, thanks to the revelations made by the cyber intelligence firm IntelCrawler.

The author of BlackPOS was known as “ree[4]” in the underground market. In a first analysis, researchers at IntelCrawler identified Sergey Tarasov, but after further investigation they found the right person, a 23-year-old hacker named Rinat Shabayev, who has probably collaborated with Sergey Taraspov, who provided him technical support for the design of the malicious code.

Previous reports from the cyber intelligence firm IntelCrawler named Sergey Tarasov, a 17-year-old teenager behind the nickname “ree[4]”, as the developer of the BlackPOS malware. According to the investigation, the malicious code was used to infect systems at Target and probably also at Neiman Marcus, two of the biggest US retailers.

The figures related to the Target data breach are disturbing: credit and debit cards and personal information belonging to nearly 110 million consumers are at risk.

It seems that Rinat Shabayev, aka ree[4], and the teen, Sergey Taraspov, collaborated to design the BlackPOS malware, but they aren’t responsible for the data theft at the Target retailer. According to the investigation, they developed the malicious agent to sell it to other criminal gangs based in Eastern Europe.

Rinat Shabayev admitted that he had developed the BlackPOS malware. In the interview he gave to the Russian news agency ‘LifeNews’, he defended his position, maintaining that the malicious code was developed for security testing and not to steal data. He confirmed that he had received support from another anonymous coder, whom he had met online and who may have added more features to it.
His intention was to sell the exploit, and he also remarked that he was aware the malware can be used for malicious purposes too, but he never thought of conducting any illegal activity such as data theft.

“There is a ready program, I took and wrote to her addition to the data saved in the file and the server failed. It was originally planned to sell the program, most do not use it. And the idea was shared with another person. The program is designed for grabbing data. That is, rather, to copy the credit card data – told Shabayev. - I do not know why this name – “kartohu.” We took this program “kartohu” and finish the addition to it. Online cooperation offered by this program, but I did not want to cooperate, just gave the program and all. If you use this software with malicious intent, you can earn good, but it is illegal. So I do not want to do it, just wrote for sale, not to use it yourself, and let people enjoy it, and they will all conscience.” is the translation from the Russian channel.
Now IT security has a further problem to resolve: BlackPOS is in the wrong hands and millions of people are suffering credit card theft. On the other side, law enforcement will have to judge a young man who professes his innocence and good faith.
Frankly, I believe that the boy is terrified; both parties, law enforcement and the criminal organizations who acquired BlackPOS, will pay close attention to the confessions of the youngster.
Scary stuff!

Pierluigi Paganini

(Security Affairs –  BlackPOS, Rinat Shabayev)
