UK Police Leads Bid To Shut Down Shylock Malware

The National Crime Agency and its global allies deny Shylock banking Trojan its pound of flesh

The UK National Crime Agency (NCA) teamed up with colleagues from around the world, including the FBI, Europol and the German Federal Police (BKA), to bring down a strain of financial malware called ‘Shylock’.

The law enforcement agencies have been assisted by industry partners – Dell, BAE Systems and Kaspersky Labs.

The operation seized Command & Control servers and recaptured domains used by Shylock to communicate with the infected machines. It was coordinated by the NCA, which says this is the first project of its kind for a UK law enforcement agency.

The villainy you teach me, I will execute

Shylock, so called because of quotes from Shakespeare’s Merchant of Venice hidden in its code, has so far infected at least 30,000 Windows computers around the world, extracting financial data rather than a pound of flesh.

BAE Systems calls it “one of the most sophisticated and fastest cyber criminal threats today”. Once Shylock infects a machine, usually after users click on a malicious link, it attempts to steal sensitive financial data, which is then used for fraudulent transactions. This costs the banking industry millions of pounds each year.

The anti-malware operation brought together agencies from the UK, US, the Netherlands, Turkey, Italy, Germany, Poland and France. It was run from the European Cybercrime Centre (EC3) at Europol headquarters in The Hague, which provided technical infrastructure, secure communications and analyst support.

However, most of the efforts were coordinated by the NCA, since it is thought that Shylock primarily targets British users.

“The NCA is coordinating an international response to a cyber crime threat to businesses and individuals around the world. This phase of activity is intended to have a significant effect on the Shylock infrastructure, and demonstrates how we are using partnerships across sectors and across national boundaries to cut cyber crime impacting the UK,” said Andy Archibald, deputy director of the NCA’s National Cyber Crime Unit.

The NCA notes that Shylock is not a threat to anyone who receives automatic Windows updates. “We continue to urge everybody to ensure their operating systems and security software are up to date,” added Archibald.
