Meet “ChewBacca,” the point-of-sale malware that infected dozens of retailers

RSA

Researchers have unearthed malware that recently infected point-of-sale terminals at several dozen retailers in the US and other countries and successfully captured customers’ payment card data.

“ChewBacca,” as the crimeware is dubbed, scrapes large chunks of computer memory from infected terminals and dumps them to a file, a researcher from RSA reported in a blog post published Thursday. It then uses regular expressions and other programming techniques to extract data that was copied from credit and debit cards. ChewBacca also captures sensitive data using a generic keylogger.

“The ChewBacca trojan appears to be a simple piece of malware that, despite its lack of sophistication and defense mechanisms, succeeded in stealing payment card information from several dozen retailers around the world in a little more than two months,” Yotam Gottesman, a senior security researcher on RSA’s FirstWatch team, wrote. Researchers found that beginning in late October, ChewBacca had logged track 1 and 2 data of payment cards scanned on infected terminals. Most of the affected retailers were located in the US, although some were in other countries, including Russia, Canada, and Australia.

Read 4 remaining paragraphs | Comments

    



via Ars Technica http://ift.tt/Liwa6b

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s