>Target has never publicly disclosed the method through which the attackers exploited these web services. However, the leading theory suggests that suppliers might have been able to upload documents such as invoices via one of the web applications. The attacker could have exploited this functionality to upload a PHP file, which acted as a web shell, enabling them to execute commands directly on the system.
I think this is not how they got in, it was supply chain attack; they breached "Fazio Mechanical, a small heating and air conditioning firm in Pennsylvania that worked with Target and had suffered its own breach via malware delivered in an email[1][2]." Once they got credentials from Fazio Mechanical (via e-mail spear phishing attack), they had access to Target's corporate network, they moved laterally throughout Target's network and pushed down POS scrapping malware to stores' local POS machines. OP says all this but it was Fazio Mechanical credentials that were most crucial for entry in Target's network.
This was hack that sparked my interest and my ambition for cybersecurity research and my PC malware research so I still remember it to this day. It is crazy that even today, 10 years after, perpetrators (hackers) and are not yet arrested despite after Target hack, they kept hacking retailers and stealing more and more credit cards. This particular hacker group stole more than 40 million credit cards, mainly US credit cards. They are Russian hackers and probably will never leave Russia and face justice.
I think this is not how they got in, it was supply chain attack; they breached "Fazio Mechanical, a small heating and air conditioning firm in Pennsylvania that worked with Target and had suffered its own breach via malware delivered in an email[1][2]." Once they got credentials from Fazio Mechanical (via e-mail spear phishing attack), they had access to Target's corporate network, they moved laterally throughout Target's network and pushed down POS scrapping malware to stores' local POS machines. OP says all this but it was Fazio Mechanical credentials that were most crucial for entry in Target's network.
This was hack that sparked my interest and my ambition for cybersecurity research and my PC malware research so I still remember it to this day. It is crazy that even today, 10 years after, perpetrators (hackers) and are not yet arrested despite after Target hack, they kept hacking retailers and stealing more and more credit cards. This particular hacker group stole more than 40 million credit cards, mainly US credit cards. They are Russian hackers and probably will never leave Russia and face justice.
[1] https://krebsonsecurity.com/2015/09/inside-target-corp-days-... [2] https://krebsonsecurity.com/2014/02/email-attack-on-vendor-s...