According to Avast, the malware s operators have a keen interest in Italian targets and attacks against these banking institutions have led to the loss of credentials and financial data.
The cybersecurity firm said on Tuesday that at least 100 banks have been targeted, based on information gathered by the researchers.
In one case alone, an unnamed payment processor had over 1,700 sets of credentials stolen.
Avast found usernames, passwords, credit card, banking, and payment information that appears to have been harvested by the malware.
First discovered in 2007, Ursnif began its journey as a simple banking Trojan. The information stealer s code was leaked on GitHub and has since evolved and has become more sophisticated, with its code being developed independently and also appearing as part of the Gozi banking malware.