chewbacca

Is ChewBacca Stealing your Credit Data?

February 6, 2024         By: David Mindich

A criminal organization has been utilizing custom built malicious software that goes by the name of “ChewBacca” to infect retailers’ POS systems.

According to an analysis published by security firm RSA, the malware has infected as many as 45 retailers.

The group, likely based out of the Ukraine, according to Eweek, has been using the Chewbacca malware to steal credit and debit card data from customers since October of last year.

Once installed, the Chewbacca malware, classified as a RAM scraper, monitors running process memory on POS systems for anything that looks like credit and debit card data.

While similar to the software responsible for stealing card data from 40 million Target customers, it is apparently not the same. The Chewbacca malware, along with the Target and other retailers’ recent leaks, has brought significant attention to the apparent lack of security most POS systems have.

Most modern POS systems are essentially just regular computers, usually running on outdated software and are often left defenseless against malware attacks.

As these attacks seem to be rising by the minute, retailers are going to have to seriously step up their game when it comes to security.

Uri Fleyder, cyber-crime research lab manager at RSA told Eweek that retailers need to increase staff to detect and stop these attacks through comprehensive monitoring and incident response, or begin to encrypt and tokenize data, making it impossible to read from a POS.