Security experts at Malwarebytes detected a new of the popular Zeus banking trojan variant which makes use of steganography to hide the configuration file. The new variant, dubbed Zeus VM, downloads a configuration file that contains the list of banks targeted by the malware. The malicious code is able to steal online banking details, hijacking login details to the attackers and mask the transfers of money to a bank account managed by criminals. The researchers discovered that the image used by the Zeus variant is much larger of the original image found with a simple research made with Google because cybercriminals added additional data encrypted using Base64 encoding.”]