Shylock is a banking malware that was discovered back in 2011 and targets banking details of the infected machines. The malware had been in the eyes of security researchers for a while and they have deemed it quite dangerous, given that it is regularly updated by its authors. Shylock has now been equipped with a new plugin which allows it to spread via Skype.
The malicious plugin which allows Shylock to spread over Skype is called msg.gsm. The plugin essentially allows the malware to send messages, transfer files and even clear out messages on Skype. Moreover, it also allows Shylock to bypass Skype’s warning meant for the users.
One of the key reasons why Shylock is so nefarious is the fact that it is constantly being updated by its authors and new features are added to it on a regular basis. This allows the trojan to stay relevant for the current technologies and successfully bypass them in many cases.
With its new plugin, the malware can even spread through removable drives and sharing over the local network. Once a machine becomes infected, Shylock is able to steal cookies which may often contain sensitive information. It is specifically meant to target and steal off banking credentials of its victims.
An interesting revelation made by CSIS Security Group is that Shylock is actively targeting the users in the UK where the concentration of its victim machines is highest. Many users in other parts of Europe as well as US have also fallen victim to the malware.
Courtesy: The Hacker News