More scary news about a particularly hard to track trojan called Mebroot that hides itself in the Master Boot Record of the hard drive, then sets about stealing passwords and login details with a keylogger whenever a user visits one of 900 financial institutions. Symantic has an assessment here and a break down of the risks methods of attack here.
"Security experts are warning about a stealthy Windows virus that steals login details for online bank accounts.
In the last month, the malicious program has racked up about 5,000 victims - most of whom are in Europe. Many are falling victim via booby-trapped websites that use vulnerabilities in Microsoft's browser to install the attack code. The malicious program is a type of virus known as a rootkit and it tries to overwrite part of a computer's hard drive called the Master Boot Record (MBR).
Once installed the virus, dubbed Mebroot by Symantec, usually downloads other malicious programs, such as keyloggers, to do the work of stealing confidential information. Most of these associated programs lie in wait on a machine until its owner logs in to the online banking systems of one of more than 900 financial institutions. Computers running Windows XP, Windows Vista, Windows Server 2003 and Windows 2000 that are not fully patched are all vulnerable to the virus."