05
May 2014
Security Alert!
Recent RSA findings report that ChewBacca malware has compromised the security of numerous POS systems since being discovered in October 2013. According to a Visa alert in March, the malware operates by installing a copy of itself in the Windows startup folder as a file called “spoolsv.exe” and then disguising itself as a Windows Print Spooler (so it runs automatically when you start Windows). The malware utilizes two data-stealing mechanisms: a generic keylogger and a memory scanner that look for credit card numbers, PIN, identity information and security data. ChewBacca is privately owned, and it is currently unknown how many were affected by the breach.