A piece of malware called Win32.Ramnit, which has been known to security researchers for at least 18 months, has been repurposed to target online banking users, according to security firm Trusteer.
The malware has been altered to include the HTML-injection tactics made famous by Zeus. Ramnit modifies HTML files to intercept and harvest banking details from customers during transit, allowing the attack to occur during what is otherwise a normal, safe banking transaction.
Trusteer said that the attack is made particularly dangerous by the prevalence of Ramnit infections on the web. The company cited figures from Symantec suggesting that Ramnit is responsible for 17.3 per cent of all new malware infections.
The new attacks were blamed in part on the recent decision by the creators of Zeus to release the source code behind the attack tool, giving malware writers dangerous new tools.
"The metamorphosis of Ramnit into financial malware is a sign of things to come now that the Zeus source code has been made openly available to anyone on the internet," said Trusteer chief technology officer Amit Klein.
"Unlike the past, when financial institutions had to defend against a limited number of malware platforms, attacks can now come from virtually any malicious software program, old or new."
Security experts speculated in April that malware writers armed with the Zeus code could craft new attacks that borrow components and techniques from the infamous malware infection.
Geoengineering on the sea floor near glaciers would form a new ice shelf to prevent melting
Alterations in capillary blood flow can be caused by body position change
Curiosity rover is in 'normal mode' but not transmitting scientific data back to base
NatWest outage comes a day after Barclays' IT systems shut out customers and staff