Slashdot Mirror

← Back to Stories (view on slashdot.org)

Shifu Banking Trojan Has an Antivirus Feature To Keep Other Malware At Bay

Posted by Soulskill on from the probably-more-effective-than-actual-AV-solutions dept.

An anonymous reader writes: Shifu is a banking trojan that's currently attacking 14 Japanese banks. Once it has infected a victim's machine, it will install a special module that keeps other banking-related trojans at bay. If this module sees suspicious, malware-looking content (unsigned executables) from unsecure HTTP connections, it tries to stop them. If it fails, it renames them to "infected.exx" and sends them to its C&C server. If the file is designed to autorun, Shifu will spoof an operating system "Out of memory" message.

1 of 60 comments (clear)

  1. Re:Very apt name for Portuguese speakers by Cutriss · · Score: 4, Informative

    "Shifu" isn't the Japanese word for "thief", it's just the romanized word "thief". It's about as intelligent as saying that the Japanese word for "basketball" is "basukettobooru."

    IBM's X-Force either thinks they're being funny or clever, and it's really neither.

    --
    "Mod, mod, mod...and another troll bites the dust."