Cybereason Detected Credit Card Malware Attack That Stole Tens of Millions of Dollars

Boston-headquartered cybersecurity company Cybereason Inc. announced Wednesday it had detected a targeted cyberattack that stole credit card information from financial, manufacturing, and retail companies across Europe and the U.S. The attack, which began as early as October 2018, affected some 400 or so big corporations and resulted in tens of millions of dollars being stolen, a Cybereason spokesperson said in a message to Calcalist.

The attack specifically targeted point of sale (POS) systems, Cybereason said. While the company did not explicitly attribute the attacks to the threat actor group FIN6, Cybereason did state that the attack resembles previous attacks by the cybercrime group. Founded in 2012 by Israeli military intelligence veterans, Cybereason specializes in endpoint detection and response software. Cybereason’s software collects and analyzes data about programs running on the computer network in organizations, files accessed by users, and even keystrokes and mouse movements to detect hackers operating on the network. The company employs a team of around 500 people, 200 of which are based in Tel Aviv.

In August, Cybereason announced Japan’s Softbank Corporation had invested $200 million in the company, bringing the company’s total funding raised to date to $400 million.