Skip to main content

Everything You Need to Know About the Shylock Banking Trojan

Cybersecurity experts discovered the Shylock Trojan in 2011. The banking malware used a man-in-the-browser attack that gave recorded account credentials and sent them to criminals. For example, the Trojan would note your account login name and password, making it easy for an unauthorized person to access your financial data, including checking and credit card account numbers.

Standard banking security didn't notice anything suspicious at first because the criminals were using valid login information.Although the Shylock banking malware was largely eradicated in 2014, it taught banking security experts several lessons that remain pertinent today.

Shylock Banking Malware Took a Strategic Approach

Shylock's banking malware didn't cast a very wide net. Instead, it focused on the customers of about a dozen banks. If you didn't use one of the banks on its list, you were presumably safe from the banking malware.

Compare that to the more recent (2021) Bizarro banking Trojan that spread from South America to several countries in Europe, where it stole credentials from the customers of more than 70 banks.

Shylock's strategic approach might have helped it stay under the radar of banking security experts for quite some time. It's impossible to know how long the malware quietly worked in the background before detection. Once discovered, though, it only lasted about three years.

Shylock Spread Through Several Channels

Shylock banking malware spread through many of the same channels that today's malware uses. Infected computers likely picked up the malware when users:

  • Opened email attachments that contained the malware
  • Clicked on links that took them to infected websites
  • Opened SMS attachments that installed the malware's code on smartphones
  • Used public Wi-Fi networks
  • Believed that fraudulent emails or text messages came from their actual banks (cybercriminals can be quite clever when tricking people)

The growth of social media gives today's cybercriminals even more opportunities to spread banking malware and evade banking security. Hacking into one Facebook account can give a cybercriminal opportunities to spread malware across the world very quickly.

The increased reliance on work-from-home applications, including Zoom and Google Meet, also creates opportunities for spreading malware. Banking malware could include code that instructs it to share a link or attachment to everyone during a Zoom meeting. Since you trust your colleagues to send you trustworthy files, you probably wouldn't think twice about clicking on them.

Shylock Got Its Name From Shakespeare

The people who created Shylock included lines from Shakespeare's "The Merchant of Venice" throughout its code. They must have had strange senses of humor. The "joke" makes sense, though, since the play's Shylock character is a moneylender who demands a literal pound of flesh from a customer who cannot repay his debts.

Maybe the cybercriminals felt that they had been wronged by the banks they targeted. Regardless, their banking malware harmed individuals just as much as it did the financial institutions. Luckily, U.S. federal law says that banks can only hold customers accountable for up to $50 of a fraudulent charge.

Steps to Avoid Banking Malware and Improve Banking Security

Shylock isn't a major concern anymore, but plenty of other banking malware programs want to steal your information. What can you do to protect yourself? Some easy, effective options for good cyber hygiene include:

  • Keeping your software updated to minimize vulnerabilities
  • Using a password manager so you can rely on strong passwords without memorizing them
  • Taking advantage of your banking account's two-factor authentication feature
  • Avoiding public Wi-Fi
  • Installing a network firewall
  • Choosing antivirus software that gets updated frequently to combat the latest threats

If you ever use your smartphone to access your bank account, you also need to follow smartphone mobile security tips. Important steps include:

  • Scrutinizing apps and their developers before installing anything on your device
  • Checking your browser for the lock icon that shows you're on a secure site
  • Avoiding text messages from unknown numbers
  • Using strong passwords for your smartphone and all of your accounts (again, a password manager can help a lot)

Recommended Products to Improve Your Banking Security

Kaspersky's technology can protect you from all major cybersecurity threats, including ransomware, spyware, and banking malware. Kaspersky Total Security stands out as a great option because it uses bank-grade protection for your online payments. Learn how Kaspersky can help you stay ahead of emerging banking security threats.

Do you want help choosing the right solutions for your computers and smartphones? Contact us to get assistance from a representative!

Further Reading for Better Banking Security

Everything You Need to Know About the Shylock Banking Trojan

Learn about the Shylock Trojan and how you can improve your banking security.
Kaspersky logo

Related articles