Reports emerged earlier this week that a BlackPOS variant was to blame for the data breach at Home Depot. But new analysis has led some researchers to believe it isn’t related to BlackPOS at all. Both malware variants dump harvested card data to a fake DLL file, they format and obfuscate that data differently. BlackPOS uses direct system calls, while the new malware writes out to a batch script and executes with a call to a CreateProcessA() Windows API. The two pieces of malware also use different algorithms to process credit card data.”]
Source: https://www.darkreading.com/attacks-breaches/home-depot-breach-may-not-be-related-to-blackpos-target