‘Shylock’ targets UK banks by modifying traffic while an online transit is on, says Trusteer
Security company Trusteer has discovered a new Internet banking Trojan targeting the customers of around six UK banks.
The security company, which supplies its Rapport security product to several UK banks, including HSBC, RBS and Santander’s UK operations, said that the malware Trojan attacks by sitting silently on the browser and monitoring online transactions, according to SearchSecurity.
The malware makes use of clever new techniques to avoid detection and removal.
Trusteer has dubbed the malware as ‘Shylock’ — a Shakespearian moneylender in Shakespeare’s Merchant of Venice.
Shylock famously demanded his "pound of flesh" from the protagonist as an alternative to clear an unpaid debt.
Trusteer said that the malware first gets installed in banking customer’s Internet browser. As soon as the Trojan detects an online banking session, it alows a hacker to steal login information, and also modify the traffic between the bank and the customer.
"Shylock sits in the browser. It can passively monitor the user’s traffic, or it can modify the traffic in transit," said Trusteer CTO Amit Klein.
"For example, if you log into a targeted bank, it can record your login information, it can record the contents of the page returned from the bank’s Web server – such as your bank balance – or it could modify the page before it is rendered on the screen," Klein added.