HVAC subcontractor Fazio Mechanical Services reportedly fell victim to a phishing attack at least two months prior to the Target breach. Sources say the phishing email included a Citadel Trojan, which is botnet-controlled financial malware based on the Zeus source code. Dell SecureWorks described Citadel’s use by criminals as “ubiquitous” and said that the attackers behind the Citadel Trojan have “made concerted efforts to spread Citadel using spam campaigns and drive-by download attacks using different exploit kits” The theft of payment card data from Target began on Nov. 27.”]
Source: https://www.darkreading.com/attacks-breaches/target-breach-phishing-attack-implicated