New IE Malware Captures Passwords Ahead Of SSL

SANS Internet Storm Center is reporting on a new strain of IE Malware. This one targets bank customers, which in itself is nothing new. But the catch is in the way it does it: it installs a Browser Help Object (BHO) that can capture login information before it is encrypted, and watches for HTTPS (secure) access to URLs of several dozen banking and financial sites in multiple countries.