Crooks are taking advantage of one the Internet's key weaknesses - a fondness for cat pictures - to infect computers with banking malware, according to Trend Micro.
The Zbot malware uses steganography - the practice of concealing a message within something else - to hide configuration files in images of cats and sunsets, says Trend Micro in a blog post.
Zbot downloads a Jpeg file with an image containing a hidden list of banks from around the world to monitor. If a victim visits one of the banks, the malware jumps into action and steals user credentials.
Image appended with the list of targeted institutions
The attack also downloads other malware onto the system which removes the X-Frames-Options HTTP header from sites the user visits, allowing them to be displayed inside a frame, enabling clickjacking attacks.