(The Hosting News) – The massive data breach that occurred at the end of 2013 looks to have been the cause of a phishing email sent to employees at a HVAC firm.
According to a post from security reporter Brian Krebs on KrebsonSecurity, the breach that stole more than 110 million customers credit cards and personal data started with a “malware laced e-mail phishing attack” on employees of Fazio Mechanical, a heating, air conditioning, and refrigeration business in Pennsylvania.
Sources close to the investigation say that the email attack began at least two months prior to Target’s breach and that the malware used was Citadel, a program used to steal passwords similar to ZeuS banking trojan.
In a statement published last week, Fazio stated, “Like Target, we are a victim of a sophisticated cyber-attack operation. We are fully cooperating with the Secret Service and Target to identify the possible cause of the breach and to help create proactive remedies to enhance the security of client/vendor connections make them less vulnerable to future breaches.”
Fazio’s primary means of detecting malware is through a free version of Malwarebytes Anti-Malware, good for individual users but not for major corporate companies.