A new report sheds light on how the sophisticated banking malware known as Neverquest or Vawtrak is able to evade detection, by using encryption, anonymous routers and even steganography. The malware has hit well over 100 of the world’s biggest financial institutions in 25 countries. It uses multiple avenues to get banking credentials, including looking at users’ social media networks and email. It’s also layered in obfuscation techniques that makes it difficult for security researchers to figure out how the malware works — and how to take it down.”]