As officials suspect a Russian teenager as the author of the malware used in cyberattacks against Target Corp. and Neiman Marcus, retailers are warned to be prepared for more potential breaches, CNN reported.

In a statement published Friday, security firm IntelCrawler said the breach was the result of malware described as an “off-the-shelf” product known as BlackPOS, allegedly written by a 17-year old with roots in St. Petersburg, Russia.

Experts believe the teenager shared the malware with others. SecureState CEO Ken Stasiak told CNN that the malware appears to be available for other hackers to download off the Internet.

More than 40 versions have been sold around the world, IntelCrawler said.

A report by Reuters over the weekend said that at least six U.S. merchants have had their systems infected with the same type of software used to steal data from Target.