Researcher disputes report BlackPOS used in Home Depot, Target attacks
In breaking down the malware, Gunzweig drew the conclusion that "these were not coded by the same people."
While BlackPOS was used in the Target attack, the malware in the Home Depot breach contained different techniques for copying stolen data to another location on the victims' network before sending it to the hackers.
In addition, the malware used different techniques for identifying card data after payment cards were swiped. The executable used to run the malware was also different.
"Under the hood, everything was different," Grunzweig said. "These were not part of the same malware family."
The Target breach, which occurred during last year's holiday shopping season, exposed more than 40 million debit- and credit-card accounts. Home Depot reported this week that the attack on its payments systems affected all stores in the U.S. and Canada, which service millions of customers a year.