Shifu trojan now targeting UK banks

News by Greg Masters

The banking trojan Shifu is targeting 18 banks and wealth management firms in the UK.

The banking trojan Shifu, first seen a month ago in Japan, has now been detected attacking 18 financial firms in the UK, according to IBM site Security Intelligence.

The malware captures passwords and user details from online forms and can enable miscreants to take over accounts and siphon money. The new crimeware being seen in the UK campaign has evolved from that used in Japan, with code inserted to circumvent security mechanisms.

First detected in the UK in mid-September, Shifu was soon after observed infecting hundreds of endpoints per day.

IBM X-Force researchers suspect that financial customers are being tricked into clicking email spam links that bring them to poisoned websites hosting the Angler exploit kit. The malady is predicted to only grow in intensity and spread to other parts of Europe as well as the US, the researchers said.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming event 

Webcast: Understanding this year's biggest adversaries - and how to combat them 

Nation-state activity, versatile, slippery strategies and Big Game Hunting - the threats are real, dangerous and ever changing. 
Brought to you in partnership with Crowdstrike