The infamous Zeus botnet has begun harvesting bank data by posing as a credit card verification scheme.
Security firm Trusteer said that the malware has been injecting phishing pages into systems which harvest bank details along with personal identification information.
The pages purport to be from a bank, and ask the victim to fill out an 'enrolment form' for the Verified by Visa or Mastercard SecureCode programmes.
The Zeus botnet is particularly notorious for its phishing practices. Rather than attempt to redirect users to infected sites or phishing pages, the malware embeds itself within the system and generates phishing pages locally.
Trusteer explained that the malware waits for the user to log-in to a banking site, and then generates the phishing pages which resemble the user's own bank. The attack currently targets customers of at least 15 US financial institutions.
The stolen account data is then used to register accounts with the verification services and perform fraudulent transactions.
Zeus made headlines earlier this year when it moved from collecting financial data to harvesting information from government workers.
The infections have continued despite increased efforts to shut the botnet down. Trusteer estimates that the malware may infect as many as one in every 100 computers.
After decades of development, virtual reality is finally reaching professional usability
Nintendo sales double and profits balloon by 500 per cent as Shuntaro Furukawa is appointed president
Switch console sold more than 15 million units, while SNES Classic sold more than five million
High-precision measurements of nearly 1.7 billion stars made by Gaia space observatory
Water trapped in asteroids could be the source of the Earth's seas