Banking Trojans (Man-in-the-Browser)
Banking Trojan software such as Zeus and SpyEye have become extremely sophisticated and can manipulate a wide range of user interactions with the web application. One of the techniques used by the banking trojans is to attempt to phish extra user data during login. The banking trojan will monitor HTTP stream data via the wininet.dll library and will modify content on the fly. The data modification capability within Zeus is controlled by a file called webinjects.txt.