Hackers are going after British Christmas shoppers' credit card data, using the Zeus Panda banking Trojan.
In most cases, hackers inject banking malware code of variants like Zeus Panda (aka Panda Banker) onto targeted banking sites, to harvest victims' banking credentials and credit card information.
However, security researchers observing the evolution of banking malware campaigns say that hackers have now begun injecting such malicious code into online payment sites, retailers' sites, casinos and more.
According to security researchers at Proofpoint, who uncovered the recent Zeus Panda malware campaign, hackers have been targeting holiday shoppers since November, capitalising on the Thanksgiving, Black Friday and Cyber Monday shopping sprees.
The hackers behind the malware have injected malicious code onto popular online shopping sites such as Zara, as well as traveling sites, video streaming sites and more.
The malware has been designed to steal victims' address, phone numbers, date of birth, credit card information, social security numbers and security-related data such as mother's maiden name.