Banks Faced by New Online Threats

Online banking is in trouble again and The Register warns that security analysts at Websense, have detected a string of malicious websites that install Trojan code, allowing hackers to compromise end-user banking credentials for more than 50 financial institutions and ecommerce websites.

The reports adds that the websites are hosted in Germany, England, and Estonia, and use a round robin DNS, resolving to five unique IP addresses that change on each occasion. Each site hosts the same code, exploiting the MS06-014 vulnerability in a bid to install a Trojan downloader without end-user interaction.