Unlike previous techniques, this type of malicious code is designed specifically for certain banking sites and will only become active when the user visits the site of his bank.
The "Man in the Browser" will intercept the the HTML code on the user’s browser, thus retrieving the victim’s the logging credentials (both login name and password). Later on, the information will be stored on an FTP site, waiting to be purchased by the highest bidder.
This type of malware proves to be a real headache for security developers. According to F-secure, it is recommended that users resort to security products based behavioral analysis, given the fact that the malware only reacts to certain sites.