Snifula banking trojan is blocking antivirus ads

The Snifula banking trojan is targeting an antivirus advert on a major Japanese bank in an attempt to avoid detection, according to security firm Symantec.

JavaScript code in the malware prevents an image for the Japanese antivirus PhishWall displaying when a user browses the bank’s website, with the software used to safeguard financial transactions.

Symantec said: "This group of cybercriminals has gradually increased its target of Japanese financial institutions throughout the year to include not only major banks, but also smaller regional institutions.

"It appears that this group is interested in achieving more success in the region and is avidly studying way in which they can avoid users being alerted to potential scams."

The firm added that the malware may eventually gain the capability to disable the antivirus even after it has been installed, though "only time will tell if that will ever happen".

Snifula was reported to be attacking more than 30 Japanese financial groups during July, with hackers hoping to steal financial data from banks of various sizes.

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

Sign up for our regular news round-up!

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

I would also like to subscribe to:

Thank you for subscribing