Web Injection Campaign Targets 40 Banks, 50,000 Users

A threat group is using JavaScript web injections in a global campaign to steal banking credentials and other data from users of 40 banks in the Americas, Europe, and Japan. Over 50,000 people have been targeted, according to IBM’s Security Trustee unit. The as-yet-unidentified malware involved is potentially linked to the DanaBot trojan, and is loaded onto victims’ browsers via a hackers’ server.