New financial malware attacks global financial institutions
Posted on 07.09.2011
Trusteer warned that a second non-financial malware variant called Shylock has been retrofitted with fraud capabilities and is abusing its large installed base of infected machines to attack global financial institutions.


Unlike the non-financial malware Ramnit which turned into a fraud platform, Shylock doesn’t incorporate tactics from the infamous Zeus Trojan.

It appears criminals have custom developed financial fraud capabilities for Shylock.

Shylock uses unique mechanisms not found in other financial malware toolkits, including:
  • An improved method for injecting code into additional browser processes to take control of the victim’s computer
  • A better evasion technique to prevent malware scanners from detecting its presence
  • A sophisticated watchdog service that allows it to resist removal attempts and restore operations.
"As with all financial fraud toolkits, Shylock’s detection rate among anti-malware solutions and fraud detection systems is extremely low," said Amit Klein Trusteer’s CTO. "The ability of cyber criminals to develop, distribute, and operate new tools under the radar of the industry is troubling. Enterprises and individuals continue to rely on security architectures that were designed 20 years ago and have limited value in protecting their critical assets against cybercrime attacks."





Spotlight

USBdriveby: Compromising computers with a $20 microcontroller

Posted on 19 December 2014.  |  Security researcher Samy Kamkar has devised a fast and easy way to compromise an unlocked computer and open a backdoor on it: a simple and cheap ($20) pre-programmed Teensy microcontroller.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Dec 19th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //