Trend Micro's Rik Ferguson says the bot infected the PCs of customers of the Dexia, KBC and Argenta banks between April and May 2007. He says the investigation has remained secret until recently.
In a blog post, Ferguson says banks should be investing in more advanced authentication technology for customers aimed at verifying the transaction.
It is vital that any improvement in online banking security should verify individual transactions rather than simply authenticate the user. The authentication token itself must be capable of accepting direct input relating to the content or the value of the transaction. This can then be verified by both parties and cannot be modified by the malicious 'man in the browser.'