According to SecureWorks researchers, a next-generation exploitation kit is being used to target banks in Russia and the Ukraine.

"The attacks are being carried out with the help of a top-to-bottom revision of BlackEnergy, a popular hack-by-numbers toolkit that until recently was used primarily to launch DDoS, or distributed denial-of-service, attacks," writes The Register's Dan Goodin. "Eastern European criminal gangs are using the expanded capabilities of BlackEnergy 2 to siphon funds out of electronic bank accounts and then assault the financial institutions with more data than they can handle, said Joe Stewart, a researcher with security firm SecureWorks' Counter Threat Unit."

"The attacks, which also use a BlackEnergy 2 module to bypass a Java-based application the banks use to authenticate customers online, began near the end of 2009," Goodin writes. "They show no signs of letting up, said Stewart, who observed the same modus operandi earlier this week."

Click here to read the article at The Register.