Where Are They Today? Cybercrime Trojans That No One Misses: Shifu Malware
This is the first installment in an ongoing series about banking malware that faded away in 2017.
---
Cybercrime is a very dynamic threat landscape. With over 100 million malware strains tracked by AV-TEST in 2016, malware can be a dime a dozen. When it comes to the more organized cybercrime groups and sophisticated banking Trojan projects, malware families are more defined and easy to recognize. These threats advance at a trackable pace and their targets are regularly monitored by IBM X-Force.
Gang-owned malware helps its operators steal untold amounts of money. These codes do not typically go away without a publicly visible reason, such as a shutdown by law enforcement. However, there are some notable exceptions.
According to IBM X-Force data, a few major cybercrime groups did crawl out of the spotlight slowly and for no apparent external reason in 2017. Some names that come to mind are Shifu, Tinba, Neverquest, Qadars and GozNym. Where were these malware codes before, and where are they today?
Tracking the Shifu Trojan
Shifu is a sophisticated banking Trojan that was discovered by X-Force Research in August 2015. According to X-Force analysis of Shifu’s code, this malware borrowed some of its central mechanisms and configuration style from other well-known banking Trojans, such as Shiz, Gozi, Zeus and Dridex. This brought it to a highly functional level right from the moment of its release. At the time of discovery, Shifu’s targets were found to be mostly in Japan, but it didn’t take long for the malware to spread to banks in the U.K. and other parts of Europe.
With its unique code mesh and advanced data theft capabilities, it was evident to X-Force researchers that Shifu was created by malware veterans. This suspicion was reinforced by its configuration files, which targeted business and wealth management accounts, alluding to the operators’ ability to steal and cash out heftier sums than schemes targeting consumers. This is yet another characteristic of an organized and resource-backed group.
Read more about Shifu’s demise here.