According to Phishlabs, Vawtrak, a malware that emerged in the mid-2000s, is back with a vengeance.

The malware has extended its attack reach to social networks, online retailers like StubHub, analytics firms, and game portals. Although arrests this summer were made in the U.S., London, and Canada involving individuals in the Stubhub operation, it doesn't appeart that the malware is scaling back.

even if it's been secured with encryption, Vawtrak's new webinject capabilities allow it to modify data in web traffic. This lets it steal login credentials, automate fraudulent transactions within online banking sessions, and put in form fields into legitimate webpages to gather additional personal information.

The best advice is to avoid using open networks to do online banking transactions.