An organized crime network is distributing malware that takes advantage of rootkits and a state-of-the-art HTML injection to phish consumers as they browse the web, according to a new report from VeriSign's iDefense labs.
The malicious code sample analyzed by iDefense was a Small downloader trojan variant that installs two rootkit-protected files, and collects and transfers email addresses to a remote website. The malware then performs the HTML injection on web forms from targeted institutions that users encounter in order to commit a man-in-the-middle phish.

The link for this article located at SC Magazine is no longer available.