Here is an article from Symantec describing a new Trojan for conducting Internet banking fraud. This program will insert itself into banking sessions, after the user has done single or two-factor authentication, and then alter the sessions to conduct fraud. The Trojan is dynamic and updates itself to include more banks around the world.
This reinforces my interest in using Boot CD’s for Internet banking.
Targeting over 400 banks (including my own) and having the ability to circumvent two-factor authentication are just two of the features that push Trojan.Silentbanker into the limelight. The scale and sophistication of this emerging banking Trojan is worrying, even for someone who sees banking Trojans on a daily basis.
This Trojan downloads a configuration file that contains the domain names of over 400 banks. Not only are the usual large American banks targeted but banks in many other countries are also targeted, including France, Spain, Ireland, the UK, Finland, Turkey—the list goes on.