Shylock financial malware back 'with a vengeance'
Jump to navigation
Jump to search
(Publication) Google search: [1]
| Shylock financial malware back 'with a vengeance' | |
|---|---|
| Botnet | Shylock |
| Malware | |
| Botnet/malware group | |
| Exploit kits | |
| Services | |
| Feature | |
| Distribution vector | |
| Target | |
| Origin | |
| Campaign | |
| Operation/Working group | |
| Vulnerability | |
| CCProtocol | |
| Date | 2012 / 2012-02-16 |
| Editor/Conference | CSO Online |
| Link | http://www.csoonline.com/article/700368/shylock-financial-malware-back-with-a-vengeance- (Archive copy) |
| Author | Taylor Armerding |
| Type | |
Abstract
“ Trusteer, a Boston-based in-browser web security vendor, issued a warning this week about the return "with a vengeance" of "Shylock," a polymorphic financial malware variant the company discovered last September that is now showing up again in end-user machines.
It is aimed primarily at global financial institutions. Trusteer code-named it Shylock because, "every new build bundles random excerpts from Shakespeare's 'The Merchant of Venice' in its binary," according to a blog post by Trusteer CTO Amit Klein.
"These are designed to change the malware's file signature to avoid detection by anti-virus programs," wrote Klein.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2012BFR1045,
editor = {CSO Online},
author = {Taylor Armerding},
title = {Shylock financial malware back 'with a vengeance'},
date = {16},
month = Feb,
year = {2012},
howpublished = {\url{http://www.csoonline.com/article/700368/shylock-financial-malware-back-with-a-vengeance-}},
}