Skip to main content

Shylock Trojan targets 24 banks

By

Two-dozen US and European banks have been targeted by the Shylock Trojan.

Shylock avoids detection as it injects itself into legitimate processes.
Shylock avoids detection as it injects itself into legitimate processes.
Twenty-four banks across Europe and the US have recently been targeted by Shylock – aka Capshaw –financial malware that has actively been going after bank accounts since 2011.
The countries with the highest number of infections are the UK, Italy, Denmark and Turkey.
Sachin Deodhar and Chris Mannon, researchers from Zscaler's ThreatLabZ, have reported this upswing in activity, but say they are currently unable to identify the initial infection vector.
"We can tell that it is more than likely arriving as part of an exploit kit honing in on vulnerable versions of Java. The reason we suspect this is that the user-agent for every single transaction that has come through our Behavioral Analysis solution has been: Mozilla/4.0 (Windows XP 5.1) Java/1.6.0_07."
Shylock avoids detection as it injects itself into legitimate processes; for example, explorer.exe or iexplore.exe. At the same time, it obfuscates its phone home traffic by employing a domain-generated algorithm (DGA) to create addresses using self-signed SSL certificates.
In this way, a traditional network monitoring solution's ability to dissect the packets on the wire for any malicious transactions is limited.
The use of DGA in malware is not new. These algorithms are used by other malware families to periodically generate a large number of domain names that can be used as rendezvous points with their controllers.

The victims

Bank of Scotland
Barclays Bank
First Direct
Santander Direkt Bank AG
First Citizens Bank
Bank of America
Bank of the West
Sovereign Bank
Co-operative Bank
Capital One Financial
Chase Manhattan
Citi Private Bank
Comerica Bank
E*Trade Financial
Harris Bank
Intesa Sanpaolo
Regions Bank
SunTrust
Bank of Ireland Group Treasury
US Bancorp
Banco Mercantil, SA
Varazdinska Banka
Wintrust Financial
Wells Fargo Bank
The myriad points makes it extremely hard for law enforcement to effectively shut down botnets since infected machines will try to contact some of these domain names every day to receive updates or commands.
Notorious malware families and botnets, such as PushDo, Zeus and TDL/TDSS, also employ DGA to target financial institutions, and carry out targeted attacks.
Preventing infection
John McLoughlin, MD of J2 Software, which distributes Zscaler locally, says cyber criminals go to great lengths to create malware that scam users more effectively. "However, many of these threats are just tweaked updates of old ones, with added functionality. With the right protection and a little savvy, users can avoid just about all threats out there."
He advises users to always make sure their devices are updated and secure, with a good anti-malware product. "Be sceptical of random pop-up windows, error messages and attachments. Even mails from trusted sources that don't seem quite right. Get rid of spam – identify spam, and mark it as such to avoid getting more in the future."
Also, McLoughlin says to think before installing new software. "Make sure any software you want to install is legit, and don't download from a source you don't trust 100%. Use common sense – behave online as you do in real life. Trust your instincts."
Labels:

Comments

Post a Comment

Popular posts from this blog

DO YOU WANT TO BECOME A MASON IN NIGERIA

By
 After all i have said about this fraternity if you are still interested in becoming a mason there are just simply ways in which you can do that, but inspite of my post i am neither encouraging nor discouraging you all i am doing is just to let you know more about this frat and there's more to come about those who have joined, the so called stars like jay-z, kanye west etc i guess its just 7 simple ways to join and off you go  Are there things you want to accomplish in your life? Are there ways you want to enrich yourself? Do you enjoy being with people you like and respect? As a Freemason, you’ll find friendship and fraternity. You’ll develop life skills like self-confidence, leadership, and effective communication. You’ll learn to work as part of a team  and to better yourself as you help others. Think about taking the first step into becoming a Mason. It is widely thought that one must be invited to become a Freemason or that Freemasonry is so exclusive as to be b...
240 comments
Read more

Microsoft Is About To Leave One-Third Of All Computers Vulnerable To Hacking

By
Hundreds of millions of computers running everything from ATMs to the power grid will be vulnerable to hacking next month when Microsoft stops supporting its old Windows XP operating system. Hackers have been holding onto flaws in Windows XP and waiting to exploit them until after the software giant stops issuing security updates on April 8, experts say. Adam Meyers, vice president of intelligence at Crowdstrike, a cybersecurity firm, said it was “fairly dangerous” to continue using the 12-year-old operating system because after the deadline “victims can’t defend themselves.” “I certainly wouldn't run Windows XP after the 8th," Meyers said in an interview. Microsoft announced six years ago it will no longer provide security patches or technical support for the out-of-date software. Yet about  one-third of computers  around the world -- or about 500 million PCs -- still run Windows XP. On Microsoft’s website , a clock ticks down to next month’s Windows deadline an...
4 comments
Read more

50 life lessons you can still learn now that your young.....

By
You’re stronger than you think you are. Mistakes teach you important lessons. Every time you make one, you’re one step closer to your goal. There is nothing to hold you back except you. You can press forward long after you can’t. It’s a matter of wanting it bad enough. No matter how much progress you make there will always be the people who insist that whatever you’re trying to do is impossible. You are limited only by your own imagination. Let it fly. Perception is reality. Your instincts can be trusted. There is only one question to ask yourself: “What would you do if you were not afraid?” It’s often hard to tell just how close you are to success. The only mistake that can truly hurt you is choosing to do nothing simply because you’re too scared to make a mistake. Never let success get to your head, and never let failure get to your heart. You have to fight through some bad days to earn the best days of your life. Life is 10% what happens to you and 90% how ...
Post a Comment
Read more