News Item

'ChewBacca' Malware Taps Tor Network

InformationWeek, By Mathew J. Schwartz

The next Star Wars film may not be scheduled to arrive until the summer of 2015, but the marketing tie-ins have already begun -- at least when it comes to cybercriminals trying to make a fast and fraudulent buck.

Security researchers have spotted a Tor-using banking Trojan that's been dubbed "ChewBacca" by its creators. According to Kaspersky Lab, which discovered the malware on an underground cybercrime forum, once the malware (detected as a file named "Fsysna.fej") successfully infects a PC, it also drops a copy of Tor 0.2.3.25 for the malware to use. The Trojan then logs all keystrokes and sends the data back to the botnet controllers via Tor. Read more.