A new variant of the Ramnit malware has been discovered targeting the UK’s financial sector. The malware avoids detection by going into an idle sleep mode until its intended victim logs into their online bank account, at which point it activates and presents them with a fraudulent phishing message. Malware variants present the victim with new input fields, security warnings and customized text during login, account navigation and transactions. While the victim is reading the messages, Ramnit connects to its command and control server and obtains the details of a designated money laundering bank account.
Source: https://thehackernews.com/2013/05/uk-banks-hit-by-ramnit-banking-malware.html