Unlike the non-financial malware Ramnit which turned into a fraud platform, Shylock doesn’t incorporate tactics from the infamous Zeus Trojan.
It appears criminals have custom developed financial fraud capabilities for Shylock.
Shylock uses unique mechanisms not found in other financial malware toolkits, including:
- An improved method for injecting code into additional browser processes to take control of the victim’s computer
- A better evasion technique to prevent malware scanners from detecting its presence
- A sophisticated watchdog service that allows it to resist removal attempts and restore operations.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.