Shifu: ‘Masterful’ New Banking Trojan Is Attacking 14 Japanese Banks

A brand-new advanced banking Trojan discovered in the wild has been named
“Shifu” by IBM Security X-Force, after the Japanese word for thief. The malware
appears to have been active since as early as April 2015; it was unearthed by
IBM Security antifraud platforms through continuous protection of customer
endpoints all over the world.

Shifu currently targets 14 Japanese banks and select electronic banking
platforms used across Europe; however, at this time, only Japan is seeing
active attacks.

Due to the capabilities Shifu presents, it is considered a highly sophisticated
banking Trojan. Our analysis reveals that some of this malware’s features and
modules were borrowed from the leaked source code of other banking Trojans,
including Shiz, Gozi, Zeus and Dridex, making it a power-patchwork of sorts.

Cybercrime’s New Familiar Face

The Shifu Trojan may be a new beast, but its inner workings are not entirely
unfamiliar. The malware relies on a few tried-and-true Trojan mechanisms from
other infamous crimeware codes. It appears that Shifu’s internal makeup was
composed by savvy developers who are quite familiar with other banking malware,
dressing Shifu with select features from the more nefarious of the bunch.