Backdoor.Win32.Caphaw

Detect Date 06/03/2016
Class Backdoor
Platform Win32
Description

Malware of this family was discovered in fall 2011 and distributed until July 2014. Backdoor.Win32.Caphaw, also known as Shylock, is typical banking malware with the following main capabilities:
• Spoofing web page content in popular browsers
• Stealing data entered in web forms
• Downloading and running other malware, as well as add-on modules for spreading via Skype and USB drives, hiding files and processes on the system, and more
• Providing the criminal with remote access to the infected computer via VNC
• Recording video

Geographical distribution of attacks by the Backdoor.Win32.Caphaw family


Geographical distribution of attacks during the period from 01 January 2013 to 01 January 2014

Top 10 countries with most attacked users (% of total attacks)

Country % of users attacked worldwide*
1 Brazil 19.45
2 Russian Federation 12.73
3 United Kingdom 12.40
4 Italy 7.95
5 Vietnam 7.29
6 Ukraine 4.31
7 India 3.50
8 Turkey 2.22
9 Belarus 1.56
10 Mozambique 1.51

* Percentage among all unique Kaspersky Lab users worldwide attacked by this malware