“It is an interesting financial malware family: one of the few that has autoload functionality for automatically stealing money when the user is actively accessing his banking account. An infected user can’t recognize that his money is being stolen,” Matrosov writes. “This threat has many techniques for bypassing security software and evading automated malware samples processing.”
Zscaler said in a blog post, “Over the last month, the ThreatLabZ researchers have been actively monitoring a recent uptick in the numbers of Win32/Caphaw (henceforward known as Caphaw) infections that have been actively targeting users’ bank accounts since 2011.”
MALWARE – SHYLOCK Banking trojan re-emerges SEP 2013
ESET reports that a major banking trojan is currently spreading and targets 24 different banking systems. Users should ensure they are malware-free in all e-commerce transactions.
QUOTE: A stealthy banking Trojan known as Caphaw or Shylock has resurfaced – and is attacking customers of 24 American banks. It’s armed with defensive and stealth abilities including the power to “restore” itself during shutdown. The malware is described as “one of the few that can steal money while a user is accessing his bank account,” by ESET Security Intelligence Team Lead, Aleksandr Matrosov, who published a detailed analysis of the malware this year.