IBM’s KL-Remote is a remote overlay toolkit that performs what it calls “virtual mugging” It’s got an attractive, user-friendly interface that includes a “start phishing” button. It effectively circumvents both two-factor authentication and device identification protections. The toolkit is distributed by being embedded in other malware. It comes preloaded with a list of targeted banking URLs and can then decide whether or not to proceed with an attack. Researchers say it could be adapted to other languages, territories, or industries.”]