In December 2012, security vendors Versafe and Checkpoint publicized details of a sophisticated Trojan horse they named Eurograbber, which had stolen an estimated 36 million euro from more than 30,000 customers in over 30 banks across Europe. The attacks began in Italy and quickly spread to Spain and Holland.
This attack began by infecting the computers of bank customers through a phishing email, which downloaded a Trojan (a variant of Zeus) designed to recognize and inject instructions into banking transactions, diverting money into a “mule” account owned by the criminals.
The attack was able to circumvent the SMS-based authentication system used by the targeted banks by asking the user to install new security software on their mobile device.