Skip Ribbon Commands
Skip to main content
Computer Emergency Response Team of Mauritius (CERT-MU)
Computer Emergency Response Team of Mauritius>Banking Trojan Shifu Turns Up in UK

Banking Trojan Shifu Turns Up in UK


Banking customers in UK have been warned that an advanced Trojan malware known as “Shifu” has migrated from Japan to covertly target and take over their accounts. Security experts stated that the banking Trojan now has 18 UK targets and has ramped up activity to infect hundreds of endpoints per day. Online banking and wealth management customers are first led via email spam to websites infected with the Angler Exploit Kit. Shifu was discovered at the beginning of September. It includes a variety of features copied from existing banking Trojans, including the domain generation algorithm from Shiz and obfuscation and sandbox disabling from Zeus. Also featured were stealth techniques copied from Gozi/ISFB, and theft of passwords, authentication token files, user certificate keys and sensitive data from Java applets as per Shiz and Corcow. Security experts have also stated that the malware authors (belived to be Russian speaking) are already working on internal changes to Shifu to make sure that it continues to evade security filters.
 
Source:
 
InfoSecurity
 
Security Intelligence
 
SC Magazine
 
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis