How attackers defeat session token protection
A Trend Micro research paper describes an ongoing attack that targets a number of countries worldwide. The attack, named Operation Emmental, is designed to bypass a certain two-factor authentication scheme used by banks. It is a complex operation that combines several components to defeat a particular online banking protection system used in several countries. The infrastructure required to pull the attack off is not inconsequential: the attackers need a Windows malware binary, a malicious Android app sporting various banks' logos, a rogue DNS resolver server, a phishing Web server with several fake bank site pages, and a compromised C&C server.
In response, Trend Micro contacted the banks that the cybercriminals behind Operation Emmental attempt to phish, so that the banks could take appropriate measures to protect their clients.