Skip to main content

Shylock Trojan targets 24 banks

By

Two-dozen US and European banks have been targeted by the Shylock Trojan.

Shylock avoids detection as it injects itself into legitimate processes.
Shylock avoids detection as it injects itself into legitimate processes.
Twenty-four banks across Europe and the US have recently been targeted by Shylock – aka Capshaw –financial malware that has actively been going after bank accounts since 2011.
The countries with the highest number of infections are the UK, Italy, Denmark and Turkey.
Sachin Deodhar and Chris Mannon, researchers from Zscaler's ThreatLabZ, have reported this upswing in activity, but say they are currently unable to identify the initial infection vector.
"We can tell that it is more than likely arriving as part of an exploit kit honing in on vulnerable versions of Java. The reason we suspect this is that the user-agent for every single transaction that has come through our Behavioral Analysis solution has been: Mozilla/4.0 (Windows XP 5.1) Java/1.6.0_07."
Shylock avoids detection as it injects itself into legitimate processes; for example, explorer.exe or iexplore.exe. At the same time, it obfuscates its phone home traffic by employing a domain-generated algorithm (DGA) to create addresses using self-signed SSL certificates.
In this way, a traditional network monitoring solution's ability to dissect the packets on the wire for any malicious transactions is limited.
The use of DGA in malware is not new. These algorithms are used by other malware families to periodically generate a large number of domain names that can be used as rendezvous points with their controllers.

The victims

Bank of Scotland
Barclays Bank
First Direct
Santander Direkt Bank AG
First Citizens Bank
Bank of America
Bank of the West
Sovereign Bank
Co-operative Bank
Capital One Financial
Chase Manhattan
Citi Private Bank
Comerica Bank
E*Trade Financial
Harris Bank
Intesa Sanpaolo
Regions Bank
SunTrust
Bank of Ireland Group Treasury
US Bancorp
Banco Mercantil, SA
Varazdinska Banka
Wintrust Financial
Wells Fargo Bank
The myriad points makes it extremely hard for law enforcement to effectively shut down botnets since infected machines will try to contact some of these domain names every day to receive updates or commands.
Notorious malware families and botnets, such as PushDo, Zeus and TDL/TDSS, also employ DGA to target financial institutions, and carry out targeted attacks.
Preventing infection
John McLoughlin, MD of J2 Software, which distributes Zscaler locally, says cyber criminals go to great lengths to create malware that scam users more effectively. "However, many of these threats are just tweaked updates of old ones, with added functionality. With the right protection and a little savvy, users can avoid just about all threats out there."
He advises users to always make sure their devices are updated and secure, with a good anti-malware product. "Be sceptical of random pop-up windows, error messages and attachments. Even mails from trusted sources that don't seem quite right. Get rid of spam – identify spam, and mark it as such to avoid getting more in the future."
Also, McLoughlin says to think before installing new software. "Make sure any software you want to install is legit, and don't download from a source you don't trust 100%. Use common sense – behave online as you do in real life. Trust your instincts."
Labels:

Comments

Post a Comment

Popular posts from this blog

DO YOU WANT TO BECOME A MASON IN NIGERIA

By
 After all i have said about this fraternity if you are still interested in becoming a mason there are just simply ways in which you can do that, but inspite of my post i am neither encouraging nor discouraging you all i am doing is just to let you know more about this frat and there's more to come about those who have joined, the so called stars like jay-z, kanye west etc i guess its just 7 simple ways to join and off you go  Are there things you want to accomplish in your life? Are there ways you want to enrich yourself? Do you enjoy being with people you like and respect? As a Freemason, you’ll find friendship and fraternity. You’ll develop life skills like self-confidence, leadership, and effective communication. You’ll learn to work as part of a team  and to better yourself as you help others. Think about taking the first step into becoming a Mason. It is widely thought that one must be invited to become a Freemason or that Freemasonry is so exclusive as to be beyond the
240 comments
Read more

RIP BRANAMA

By
An official statement from Kefee's UK publicist confirming her passing. Find it below: On behalf of the family….It is with a great sadness but grateful hearts that we announce the passing to glory due to lungs failure this morning of our God’s mouth piece, chorus leader, daughter, wife, sister, friend Kefee Branama Queen … May her beautiful, gentle and precious soul rest in perfect peace. Amen!! PS: In contrast to all earlier rumors and stories in circulation, I do state that Kefee wasn’t 6 months pregnant and neither did she have pre-eclampsia. For the family Adeline Adelicious Adebayo, (Kefee’s UK Manager) AJETUN A few weeks ago, news broke that Nigerian gospel singer, Irikefe Obareki, better known as Keffee, had collapsed on an airplane on her way to Chicago, USA. Nigerians and fans of the Branama singer went into serious prayers for her , wishing her well and a speedy recovery. Few days later, the doctors came out with the verdict that she had suffered what they ca
Post a Comment
Read more

ESTATE AND LAND FOR SALE AT THE FREE TRADE ZONE

By
Please More Info coming, but in case you need to ask urgent questions please call 07034616262
Post a Comment
Read more