Latest Malware Hits Global Financial Institutions
Trusteer researchers cautioned a malware variant known as Shylock which is attacking global financial institutions, as per the reports by eSecurity Planet on September 7, 2011.
Contrast to the non-financial malware Ramnit which Trusteer reported in August 2011 had turned into a fraud platform; Shylock doesn't integrate methods from the notorious Zeus Trojan. It seems criminals have custom developed monetary fraud capabilities for Shylock.
Sadly, Shylock uses a better method of injecting code into browser processes. This method is generally used to insert rogue fields into authentic forms with the objective of stealing monetary data.
Further, Trusteer also gave example to explain the Shylock use that after logging into their online website, users who have been targeted with this threat may be asked to verify their credit card data which includes PIN and CVV2 number. This form is made by the Trojan and sends the information back to its creator.
Also, Shylock is an improved dodging technique which disables the malware scanners from detecting its presence.
Moreover, Shylock has the feature of being an advanced watchdog service that enables it to resist removal attempts and restore operations.
Shylock is not the first piece of malware to be reused for monetary fraud. Few weeks before Trusteer researchers recognized a new variant of file infector known as Ramnit that displayed similar features.
As per the CTO of Trusteer, Amit Klein, like all monetary fraud toolkits Shylock's detection rate among anti-malware filters is extremely low, as per the reports by HELP NET SECURITY on September 7, 2011.
Further, he added that the capacity of hackers to create, circulate and operate new tools under the radar of industry is disturbing. Companies and individuals continue to depend on security experts that were made 20 years ago and have limited scope in safeguarding their important assets against cybercrime attacks.
In May 2011 also, the company's experts was faced with a vague Trojan called Sunspot that was also changed for use in monetary fraud. These threats indicate a trend in the malware development scene that might be activated by the fact that Trojans like Zeus or Spyeye have become too rampant and can be easily blocked by antivirus vendors.
Related article: Latest Scam - Emails Threatening Death to Recipients
» SPAMfighter News - 17-09-2011