Russian teen linked to Target breach

JACKSONVILLE, Fla. – A Russian teenager is believed to be the main developer of the malicious software that allowed hackers to steal personal credit card information from millions of Target customers.

Cyber security experts say the malware known as BlackPOS was being sold and downloaded online.

According to investigators, the Russian software developer was selling the malware for $2,000 per download. More than 60 people bought the software, which is why consumers should be aware that more people may be victimized.

More than 110,000 Target customers personal information may have been compromised and as staggering as it may sound, experts say it's only the tip of the iceberg.

Internet security experts say an unnamed Russian national has been selling the malware used in the cyber attacks. They say he may be tied to a much larger organized crime ring.

"Russia's organized crime is the largest in the eastern European areas," cyber security expert David Kennedy said. "It's the largest market they have because they have a lot of advanced tech. They have a lot of extremely intelligent people working in the black market. It's very profitable for them."

Cyber security experts are warning consumers and retailers nationwide that these types of attacks are far from over.

"When we have seen these types of attacks before and they create their tools, they don't just go after one or two companies," cyber security expert John Waters said. "They say how many companies are susceptible to this and lets go after all of them."

Millions of frustrated Target customers have been talking about their experiences over the past several weeks, including Fred Anson.

"I had my credit card information stolen and someone tried to buy a car in Texas," Anson said.  

Anson shops at the Target at Regency and said even though he was victimized by credit card fraud in the past, he has faith that the banks will back the customers.

He's calling for tougher penalties for cyber thieves and he's not surprised that a 17-year-old may be responsible for it all.

"I think someone should hire him to do good," Anson said. "If a 17-year-old can do something like that, they should hire him to catch other people."

"I think ultimately people need to be cognizant that if you put your credit card information online, it's going to be attacked," consumer Justin Stevens said.

The consumers Channel 4 spoke with said the threat of cyber-theft hasn't changed how much they charge on their credit card, but it has impacted their habits, when it comes to monitoring their accounts.

"Fraud is something that is going to happen everyday and there's nothing you can do," consumer Nicole Mays said. "You can use cash only, but there's not much you can do to prevent it."

Researchers from the Los Angeles based company IntelCrawler are reporting that at least six other U.S. retailers have been targeted by the program developed by the Russian teenager.

The teen's identity has not been released and half a dozen other retailers targeted have not been named.