Researchers at AVG have uncovered a botnet that makes use of at least four variants of Zeus to harvest personal information, according to an IDG News Service article on The New York Times.
According to AVG, the Mumba botnet infected more than 35,000 computers when it started at the end of April. The botnet now infects some 55,000 computers, half of which are in the UK and Germany. Stolen data includes credit card numbers, e-mail, login and password information for social-networking sites and bank account details.
AVG believes Mumba is controlled by the Avalanche Group, which specializes in phishing sites as well as malware.