Russian teen misidentified in Target breach, expert says

A cyber security firm that fingered a Russian teen for the malware used to steal 70 million Target customers' credit card numbers appears to be backing off, but not quite backing down.

Last week, California-based IntelCrawler named 17-year-old Sergey Tarasov as the kid behind the massive breach, saying he had "roots" in St. Petersburg and goes by the online nickname "ree4." Tarasov was subsequently identified in numerous media reports. But in an update to its report released Monday, IntelCrawler said another author crafted the code, though it still accused Tarasov of playing a role in the breach.

"Three days ago, IntelCrawler researchers claimed that they had found out who is the brains behind the malware used in the Target breach," security expert Brian Krebs told in an email. "A couple of hours ago, IntelCrawler changed their version of the events, publishing data that links another Russian VK profile to the affair, this time Rinat Shabayev."

IntelCrawler had originally released the name of Sergey Tarasov, which Krebs says was misspelled as Taraspov. While IntelCrawler has revised its initial report, the company still believes Tarasov is connected to the malware.

More On This...

"The person behind the nickname "ree[4]" is Rinat Shibaev, working closely with Sergey Tarasov, who was acting as his technical support together with several other members, having roots in St. Petersburg (Russian Federation), a very well known programmer of malicious code in underground," the company wrote in its report.

"All the mentioned factors point [to a] bad actor definitely in one of the former USSR countries."

The teenage Tarasov has fought back against IntelCrawler's accusations in various Russian media outlets and has already reached out to a lawyer. He said he that he does not have the necessary education needed to create the virus, and that while he writes code, it is only for personal use.

"Our media grabs information and gives it to the masses without checking beforehand," Tarasov told Russian news outlet tjournal, according to a Google translation of the report. He also said he has no connection to Shabayev or St. Petersburg and has lived in Novosibirsk his entire life.

Earlier this month, Neiman Marcus admitted that its data systems had been hacked, and Reuters reported that at least three other retailers may have been victimized as well. Reuters stated that authorities believed the hackers originated from Eastern Europe, though it did not specify the country.'s Sasha Bogursky contributed to this report.