Researchers are tracking a spike in banking trojan Shylock infections.
Chris Mannon, a researcher on Zscaler's ThreatLabZ team, told SCMagazine.com on Thursday that fraudsters are using variants of the malware, also known as Caphaw, to target users' online banking credentials at 24 banks around the world.
Though victims are primarily in Europe, Zscaler published a list of financial institutions that have been continually targeted by saboteurs, which includes several U.S. banks, including Bank of America, Wells Fargo Bank, First Citizens Bank, Capital One and Chase.
Shylock is likely delivered as part of a crimeware kit which exploits vulnerable versions of Java, Zscaler found.
