'ChewBacca' hackers targeted retailers in 11 countries - RSA

BOSTON Fri Jan 31, 2014 4:40am IST

An illustration picture shows a projection of binary code on a man holding a laptop computer, in an office in Warsaw June 24, 2013. REUTERS/Kacper Pempel/Files

BOSTON (Reuters) - A cyber criminal ring targeting small retailers in 11 countries stole data on 49,000 payment cards using malicious software known as "ChewBacca" before the operation was shut down, according to a cyber research firm.

RSA FirstWatch disclosed the attacks on Thursday on its website (bit.ly/1loy2Ls). It said the firm's researchers uncovered the ring, whose victims included small companies in the United States, Russia, Canada and Australia.

They managed to steal details from some 24 million payment card transactions over about two months, according to RSA.

The report comes as the Secret Service investigates a major data breach at Target Corp (TGT.N) that resulted in the theft of some 40 million payment card numbers, plus other data from some 70 million customers, along with a smaller breach at luxury department store Neiman Marcus. Arts and crafts retailer Michaels has said it is investigating a possible breach and the FBI has warned retailers to expect more attacks.

The findings from RSA show that the recent spate of attacks extends outside the United States.

"The end game is to gain credit card information, so the hackers are going to go wherever it is easiest to get that information," said Will Gragido, senior manager with RSA FirstWatch, the threat research arm of RSA Security.

He said his firm provided the FBI with data on the "ChewBacca" operation, including the location of a command-and-control server used by the hackers on Wednesday.

That server was shut down on Thursday, according to Gragido.

An FBI spokeswoman could not be reached for comment. RSA, a subsidiary of storage giant EMC Corp (EMC.N), declined to identify the victims, which it said it had contacted.

RSA said the hackers used a relatively new piece of malicious software known as ChewBacca, designed to infect computers such as the point-of-sale systems that process credit card transactions.

(Reporting by Jim Finkle; Editing by Dan Grebler)
