Threat Management, Malware

Shifu trojan now targeting U.K. banks

The banking trojan Shifu, first seen a month ago in Japan, has now been detected attacking 18 financial firms in the U.K., according to IBM site Security Intelligence.

The malware captures passwords and user details from online forms and can enable miscreants to take over accounts and siphon money. The new crimeware being seen in the U.K. campaign has evolved from that used in Japan, with code inserted to circumvent security mechanisms.

First detected in the U.K. in mid-September, Shifu was soon after observed infecting hundreds of endpoints per day.

IBM X-Force researchers suspect that financial customers are being tricked into clicking email spam links that bring them to poisoned websites hosting the Angler exploit kit. The malady is predicted to only grow in intensity and spread to other parts of Europe as well as the U.S., the researchers said.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.