'Chewbacca' attack hits cash tills
#1
'Chewbacca' attack hits shops in 11 nations

[Image: HVNOTPR.jpg]
The cyber-thieves hit shops in 11 countries including Russia, Australia, Canada and the US

Swift action has stopped an attack that stole credit and debit card details from retailers in 11 nations.

The attack, which used a malicious program called "Chewbacca", was discovered by security company RSA.

The server at the centre of the attack has now been shut down but not before thieves managed to grab details of 24 million transactions.

Retailers in 11 separate nations fell victim to the attack including shops in Russia, Canada, Australia and the US.

In the blogpost detailing the shutdown, security analyst Yotam Gottesman said the thieves grabbed data from equipment at cash tills in "several dozen" shops. RSA has contacted the shops and told them about the attack.

On point-of-sale equipment the malicious software disguised itself as a file that handled printing.

It was given the name "Chewbacca" because the login page for the server collating data from infected machines features a picture of the Star Wars wookie.

The group behind the attack tried to hide its tracks by routing stolen data through the Tor network that many people use to hide where they are browsing from.

Chewbacca comes in the wake of an attack on giant US retailer Target in late 2013. That attack also inserted malware on cash tills and card swipe devices and managed to scoop up details of more than 40 million credit and debit cards.

Luxury department store Neiman Marcus was also hit by thieves who used a similar tactic to grab card and personal details.

The attacks led the FBI to issue a warning to retailers alerting them to the changing attack patterns used by thieves and asking them to be vigilant about their point-of-sale equipment.

source
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Global ransomware attack causes turmoil Scrumptious 0 15,387 Jun 27, 2017, 14:35 pm
Last Post: Scrumptious
  Botnet with 4.2 million PCs, one single DDOS attack hireshi 4 20,440 Sep 11, 2016, 16:56 pm
Last Post: GB47
  Virtual cash giveaway for Icelanders Scrumptious 0 11,587 Feb 08, 2014, 05:06 am
Last Post: Scrumptious
  FBI hits 'hackers-for-hire' websites Scrumptious 0 11,835 Jan 27, 2014, 15:04 pm
Last Post: Scrumptious
  Chrome aids eavesdropping attack Scrumptious 0 12,498 Jan 23, 2014, 16:35 pm
Last Post: Scrumptious



Users browsing this thread: 1 Guest(s)