Keep up with the news by installing RT’s extension for . Never miss a story with this clean and simple app that delivers the latest headlines to you.

 

​‘ChewBacca’ Trojan steals thousands of credit card details across the globe

Published time: February 01, 2014 17:26
Edited time: February 03, 2014 08:10
AFP Photo/Anne-Christine Poujoulat

AFP Photo/Anne-Christine Poujoulat

Star Wars’ most loyal copilot has gone to the dark side on our side of the galaxy, as Malware operating under the name ‘ChewBacca’ has stolen data on 49,000 payment cards from 45 retailers in 11 countries over a two month span.

According to RSA FirstWatch, the Security Division of EMC which exposed the malignant software, the virus started running in October and has so far gathered 24 million transaction details, mostly in the US, but also in Canada, Australia and Russia.

This relatively new Trojan was dubbed ‘ChewBacca’ because an image of the iconoclastic Wookiie was featured on the login page of the server, which the hacking ring used to collect data from infected computers.

Although the Trojan creators had routed stolen data through the Tor network that enables online anonymity, Massachusetts-based RSA managed to locate them and passed the information on its location to the FBI.

Screenshot from blogs.rsa.com

RSA researchers have also communicated with the companies victimized by the malware during the shutdown operation, which has yet to end, to share the gathered information.

‘ChewBacca’ features “simple keylogging and memory-scraping functionality”, the RSA said in its blog. Its target is mainly systems that process credit cards, such as Point-of-Sale (POS) systems.

The Trojan “is self-contained and runs as-is”. It installs a copy of itself in the Windows Startup folder and its memory scanner searches for credit card information in a copy of a process’s memory, targeting at simple regular expressions for card magnetic stripe data, the RSA said. Once extracted, it is sent to the server via Tor.

In fact, ‘ChewBacca’ was first revealed in December by Kaspersky Lab. At that time the Lab pointed out that the Trojan was not for sale on underground forums and seemed to be for private use or in development.

‘ChewBacca’ comes in a wave of malware attacks, aimed at making computers vulnerable in order to steal data from them. Another notorious 2013 example, ‘Dexter’, named after a serial killer from the popular television series, caused huge losses in the restaurant and hotel industry worldwide.

Among the shops that suffered from such attacks was Target Corp., where hackers stole some 40 million payment card numbers and other data from around 70 million customers, Reuters reports. Another victim of infectious malware was the luxury department store Neiman Marcus.

The FBI has issued a warning to on-line retailers, urging them to strengthen security and alerting them of possible attacks.

Comments (8)

 

linuxsucks 04.02.2014 21:44

Brandur 02.02.2014 18:42

Linux users not affected

  

That's because the rest of your OS sucks so bad Target didn't trust running their POS system on it. Virus could have easily cracked your weak OS, if it was popular.

 

mergon 03.02.2014 12:02

Then we have RF cards ,a transaction is for now limited to £20 in the UK ,but what is going here is your details are on the end of an RF chip , your phone has chips and in this information hungry age we have government scanners in digital litter bins and in other equipment like digital signs and airport s,train stations even bus stops that scan our phones for information so what is stop someone applying it to RF cards ?
Take a credit card heat up the underside where the chip is and then pick it off and have a good look at how tiny it is ,and then think of the other applications !!!!!

 

Stu Pendisdick 02.02.2014 11:26

This is a one-world-government sponsored activity. All of this nonsense, including the riots, mass shootings, etc. are engineered events preparing the global population for the coming "big event" that will usher in the real puppet masters from the shadows and end individual nation sovereignty, individual national currency and individual personal autonomy.

T he culmination of the efforts of generations worth of a small handful of families from across the globe is nearing fruition.

A nd the sheeple refuse to see it coming.


View all comments (8)
Add comment

Authorization required for adding comments

Register or

Name

Password

Show password

Register

or Register

Request a new password

Send

or Register

To complete a registration check
your Email:

OK

or Register

A password has been sent to your email address

Edit profile

X

Name

New password

Retype new password

Current password

Save

Cancel

Follow us

Follow us