'ChewBacca' hackers targeted retailers in 11 countries: RSA

January 31, 2014

Jim Finkle

A cyber criminal ring targeting small retailers in 11 countries stole data on 49,000 payment cards using a malicious software known as "ChewBacca" before the operation was shut down, according to a cyber research firm.

RSA FirstWatch disclosed the attacks on Thursday on its website. It said the firm's researchers uncovered the ring, whose victims included small companies in the United States, Russia, Canada and Australia.

They managed to steal details from some 24 million payment card transactions over about two months, according to RSA.

The report comes as the Secret Service investigates a major data breach at Target Corp (TGT.N) that resulted in the theft of some 40 million payment card numbers, plus other data from some 70 million customers, along with a smaller breach at luxury department store Neiman Marcus. Arts and crafts retailer Michaels has said it is investigating a possible breach and the FBI has warned retailers to expect more attacks.

The findings from RSA show that the recent spate of attacks extend outside the United States.

READ MORE