Here is another example of a Trojan program designed specifically for banking fraud. Once users are infected, which can happen via drive-by downloads or phishing attacks, the Trojan can launch a man-in-the-middle attack and take over a banking session. The Trojan is then able to perform transactions as if it was the legitimate user.
It is important to note the sophistication of this attack. The Trojan is centralized and dynamic, and will download customized fraud instructions once it determines which bank a customer uses.
SecureWorks has discovered a stealthy, new Prg Banking Trojan. This new variant is the malware behind Zbot, a new botnet designed specifically to do banking fraud. The hackers using this new malware are specifically targeting banking clients that have commercial accounts. The banking variant has been designed and is being used by the Russian UpLevel hacking group and some German affiliates. The UpLevel hackers are staging their latest attacks using data centers in Moscow, Russia, and Mumbai, India.