John Leyden reports:
A banking Trojan attack has led to the fraudulent withdrawal of more than $1m from online banking accounts maintained with a UK bank since the start of July, according to security researchers.
Web-based malware based on the infamous Zeus cybercrime toolkit is being used to steal money via the unnamed bank’s online banking system. Researchers at the M86’s Security Labs came across the attack after discovering the botnet’s command & control centre, which is hosted in Moldova.
Victims were infected by a Zeus banking Trojan variant while browsing the net. The Trojan swiped the customer’s online banking ID and hijacked their online banking sessions, reportedly only targeting victims who had substantial balances.
Read more in The Register.