The actual bot code is called ChewBacca and was described in detail recently by Kaspersky Lab. As Kaspersky explains, ChewBacca communicates with it's C&C (Command and Control) server over the Tor network, obscuring the IP addresses of parties. According to RSA, this particular botnet has been collecting track 1 and 2 data of payment cards since October 25.