Source: Security News Daily
by Paul Wagenseill
In this article “It’s smart, it’s bad and, worst of all, you’ll never know it’s hit you — until it’s too late.
Researchers at Tokyo-based anti-virus firm Trend Micro have discovered a new twist on banking Trojans that doesn’t interact with the victim at all.
Standard banking Trojans dupe an account holder to log into a duplicate of his bank’s website, thereby conning him into giving up his username, password and account number, which they use to log in after he’s done.
This new variant, which can be grafted into the existing banking Trojans ZeuS or SpyEye, infects computers the old-fashioned way: It either infects Web browsers via a drive-by download or piggybacks as an attachment on a phishing email.”