IBM Trusteer researchers reported on the campaign in a threat advisory, warning that the updated Tinba version is significantly more resilient to takedown operations than its predecessors.
"In line with Trojan anti-research and resilience features, the author of this Tinba variation, wary of potential hijacking and takedowns, incorporated several fallback mechanisms to make sure the botnet remains intact," read the advisory.
These include a "public key signing" upgrade that increases the botmaster's control of victim machines, and "a machine-dependent encryption layer for each bot to prevent security researchers spoofing bots".
Tinba is malware commonly known as the 'tiny banker' owing to its financial focus and small file size. New versions of the malware are a regular sight as the source code is publically available.
Trusteer said that the most recent campaign has been active since at least May and has targeted several European countries.
"In May 2015, IBM Security Trusteer researchers discovered a Tinba infection campaign targeting Poland, Italy, the Netherlands and Germany," read the advisory.
Trusteer explained that the goal of the new variant remains the same, despite its more robust nature.
"When Tinba infects a computer and the user tries to log in to one of the targeted banks, Tinba's webinjects are launched into action," said the advisory.
"Depending on the targeted bank, victims are presented with fake messages and web forms asking for personal information, log-in credentials or requests to perform a funds transfer.
"The notice may even attempt to convince users that money has been added to their account accidentally and must be refunded immediately."
The researchers said that the variant's discovery is part of a wider trend in which criminal gangs are migrating their attacks from the US to Europe.
"This latest Tinba campaign is just one of many malware threats that have migrated to Europe after previously targeting US banks," read the advisory.
"While this trend may prove a challenge to many banks who have not yet hardened their defences, it also provides an opportunity for those institutions to take advantage of the lessons learned having combated this malware elsewhere."
Trusteer is one of many security firms calling for businesses to rethink their defence strategies.
EY announced plans on Tuesday to invest $20m in creating a central Managed Security Operations Centre capable of predicting and mitigating cyber attacks and malware like Tinba.
Insecticides based on sulfoxaflor might be as bad for bees as neonicotinoids
Intel teases forthcoming new graphics card accompanied by the text "We will set our graphics free"
Think your password manager is completely secure? Think again...
ARM plans 7nm 'Deimos' for 2019 and 5nm and 7nm 'Hercules' for 2020