The infamous Zeus botnet has begun harvesting bank data by posing as a credit card verification scheme.
Security firm Trusteer said that the malware has been injecting phishing pages into systems which harvest bank details along with personal identification information.
The pages purport to be from a bank, and ask the victim to fill out an 'enrolment form' for the Verified by Visa or Mastercard SecureCode programmes.
The Zeus botnet is particularly notorious for its phishing practices. Rather than attempt to redirect users to infected sites or phishing pages, the malware embeds itself within the system and generates phishing pages locally.
Trusteer explained that the malware waits for the user to log-in to a banking site, and then generates the phishing pages which resemble the user's own bank. The attack currently targets customers of at least 15 US financial institutions.
The stolen account data is then used to register accounts with the verification services and perform fraudulent transactions.
Zeus made headlines earlier this year when it moved from collecting financial data to harvesting information from government workers.
The infections have continued despite increased efforts to shut the botnet down. Trusteer estimates that the malware may infect as many as one in every 100 computers.
Found by calculating the strength of the material deep inside the crust of neutron stars
Can highlight in real-time the relevant regions of an image being described
Double legal trouble for Musk as he also faces civil lawsuit over renewed British pot-holer 'paedo' claims
Battery development could help boost performance of smartphones