Results 1 to 1 of 1
-
13th Jul 2014, 01:53 PM #1
Shylock/Caphaw Banking Trojan Network Disrupted
The communication infrastructure used by the cybercriminals behind the Shylock malware to control the infected machines has been disrupted in an international law enforcement operation that also involved several private security companies.
Shylock, also known as Caphaw, has been named so because, when analyzing a sample, security engineers found pieces of Shakespeare’s Merchant of Venice scattered in the code. This also brought it the name of The Merchant of Malice from some researchers.
The malware was first detected in 2011 and it targeted major European banks, focusing on financial institutions in the United Kingdom. According to an older post from Symantec, customers of more than 60 such organizations have been affected.
The operation, which consists in seizing the command and control servers for the Trojan, is coordinated by the UK National Crime Agency (NCA) in cooperation with partners such as the FBI, Europol, BAE Systems Applied Intelligence, GCHQ, Dell SecureWorks, Kaspersky Lab, and the German Federal Police (BKA).
The agency says that taking charge of the command and control servers “has been conducted from the operational centre at the European Cybercrime Centre (EC3) at Europol in The Hague. Investigators from the NCA, FBI, the Netherlands, Turkey and Italy gathered to coordinate action in their respective countries, in concert with counterparts in Germany, Poland and France.”
A statement from the NCA says that at least 30,000 computers around the world have been compromised by the malware, most of them being located in the United Kingdom.
Shylock banking Trojan would be delivered to the victim through drive-by downloads, upon accessing a malicious link.
Once the infection completes, the malware carries out its financial information stealing activity by interposing between the client and the server, and injects code into the websites of the targeted institutions when the victim accesses them.
All credentials entered this way would be automatically sent to the remote machines controlled by the cybercriminals.
Numerous variants of the threat have been released in order to evade detection by antivirus products and to prevent analysis of the samples caught by researchers.
One of the techniques used to empty the bank account of a victim is to insert fake financial data after the login was performed, completely masking the criminal activity from the user.
Removal routines for Shylock/Caphaw have been added to the Malicious Software Removal Tool, and installing the latest updates for Windows ensures that the malicious software is eliminated automatically from the system after restarting the machine.Kepler Reviewed by Kepler on . Shylock/Caphaw Banking Trojan Network Disrupted http://i1-news.softpedia-static.com/images/news-700/Shylock-Caphaw-Banking-Trojan-Network-Disrupted.jpg The communication infrastructure used by the cybercriminals behind the Shylock malware to control the infected machines has been disrupted in an international law enforcement operation that also involved several private security companies. Shylock, also known as Caphaw, has been named so because, when analyzing a sample, security engineers found pieces of Shakespeare’s Merchant Rating: 5
Sponsored Links
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Similar Threads
-
Ecatel network problems
By pimpinjg in forum News & Current EventsReplies: 2Last Post: 6th Dec 2008, 05:43 AM -
Proxy network.
By TippiE in forum Completed TransactionsReplies: 3Last Post: 19th Nov 2008, 06:52 PM -
whats the best Social Networking script like myspace, facebook etc
By hscorp in forum Webmaster DiscussionReplies: 0Last Post: 14th Sep 2008, 08:08 PM -
[Dedicated] Prolimehost Dedicated Server Launch Special - Quad Core 9300 - Premium BGP4 Network
By prolimehost in forum ArchiveReplies: 3Last Post: 9th Sep 2008, 10:45 AM -
Latrix Network
By kr0nk in forum Forum and DDL DiscussionReplies: 0Last Post: 5th Sep 2008, 08:54 PM
themaManager - edit and manage...
Version 4.04 released. Open older version (or...