DTX Manchester DTX Manchester
  • About Us
Monday, 25 January, 2021
IT Security Guru
CTX Manchester 2020 banner ad
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Shifu Banking Trojan Changes the Game

by The Gurus
September 1, 2015
in News, Videos
Share on FacebookShare on Twitter

14 Japanese banks are under attack from a new breed of Trojan – named Shifu – the Japanese word for thief.
What makes this Trojan special is that it’s made from a mix of previously discovered malware, according to IBM Security X-Force staff. Austrian, Germany and other EU countries as well as Japan have been host to the attack.
Not your classical banking Trojan, Shifu comes with an ability to choose multiple targets and is very hard to detect due to the clever way it’s made. Using aspects of Shiz, Corcow, Zeus, dridex, conficker, dyre and the Gozi/ISFB trojan, Shifu is highly sophisticated. Additionaly, Shifu has a modular architectire that communicates with a command and control server which gives it real-time instructions and load modules based on the infected target’s features.
Shifu resultantly has the ability to steal credentials from HTTP form data, scrape authentication tokens from banking apps, find and steal private certificates and even detect smartcard readers attached to PCs. It can actually exfiltrate the data from these readers!
As if it wasn’t bad enough for security teams, Shifu has in-built antivirus. This keeps other banking Trojans at bay. This effectively keeps the victim solely in the hands of Shifu’s distributors, who are protecting their quarry from other criminals.
It is currently unclear where the Trojan has come from, with some saying Russia and others saying the app is masquerading as originating in Russia to throw off security teams, since Russia is a common point of origin for cyber-crime.
 
 
 

0 0 vote
Article Rating
FacebookTweetLinkedIn
Tags: attackBreachCloudconfickerCorcowCyberCyber Securitycybersecuritydatadata breachDDoSdridexdyreEncryptionFlawGozi/ISFB trojanhackedHackerHackershydrainfosecinfosecurityITit securityMalwarePatchshifuShizthiefTrojanVulnerabilityZeus
ShareTweetShare
Previous Post

Top 5 IT Security Audit Questions

Next Post

Where to from here?

Subscribe
Notify of
guest
guest
0 Comments
Inline Feedbacks
View all comments

Recent News

banking

BTG+ implements Feedzai’s Artificial Intelligence solution

January 22, 2021
Cybersecurity Failure among Highest Risks, warns World Economic Forum

Cybersecurity Failure among Highest Risks, warns World Economic Forum

January 22, 2021
Small caution cone placed over the 'enter' key on a macbook keyboard.

The Top 5 Phishing Scams of 2020

January 22, 2021
Two gloved hands holding up a globe wearing a surgical mask

Fake COVID-19 Test Certificates Pose Risk to Air Travel

January 22, 2021

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

More information
wpDiscuz
0
0
Would love your thoughts, please comment.x
()
x
| Reply
Privacy Settings / PENDINGGDPR Compliance

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Accept