Credit card readers in "dozens" of shops around the world were infected with the Trojan horse "Tsumbaka", designed to bypass the buyer's data, a computer security company announced.
According to US RSA Security, the malware detected in 12 countries, including the US, Russia and Canada - the rest are unnamed.
The credit card numbers that the Trojan horse sent were transmitted to a central server that had set up unknown hackers, which are now out of service. Affected stores were informed by RSA.
The malicious code was disguised as archive που χειρίζεται εκτυπώσεις. Πήρε το όνομα «Τσιουμπάκα» από τη σελίδα receptions displayed by the hackers' server and showing the familiar character from Star Wars.
The stolen data was routed through the Tor "dark" network, which is used to hide the ID card of the user when surfing the Internet.
The Tsiubaka case is not the first of its kind. As the BBC notes, at the end of 2013, infected funds in the American Tiger chain have stolen 40 data from millions of credit and debit charts, and a similar attack has been perceived in Neiman Marcus luxury shops.
In the wake of cyber attacks, the FBI issued a warning to shopkeepers about the risk of equipment being tampered with.