The Shakespearean virus returns with an ace up its sleeve

Aug 8, 2012 14:17 GMT

Shylock, the Trojan whose name is based on a Shakespeare character from The Merchant of Venice, is once again up to no good. Its developers have added a feature that allows it to inject the attacker’s phone number into bank websites visited by the victim.

Symantec experts have identified a new version of the Trojan that comes with a cleverly designed configuration file. The file is used to inject a piece of JavaScript containing the cybercriminal’s phone number into the contact webpage of a banking site.

This way, in case the victim wants to call the bank, he/she will have a nice conversation with the attacker, instead of the financial institution’s representatives.

There are two plausible scenarios for launching this type of attack: the crooks want to harvest sensitive information via phone, or they want to prevent the victim from reporting potential fraudulent activities to the bank.

“At [bank name] we do everything we can to make sure you receive the best possible service. However, sometimes we don’t get things right. When this happens please let us know and we will ensure that we fully investigate your complaint and do everything we can to put things right,” reads the message injected into online banking sites.

“Whichever way you can contact us we’ll start investigating right away. In person – speak to our staff at any of our branches,” the message continues.

Unfortunately, this situation once again highlights the fact that cybercriminals can come up with some ingenious ways to trick unsuspecting bank customers.

Since you need to have supernatural powers, or at least a keen sense of observation, to notice that the phone numbers are not genuine, the case also highlights the need for reliable antivirus software, which in many situations can keep you out of trouble.

Currently, the main targets of Shylock are users from the UK, the US and Canada.