“Trusteer’s security team recently analysed a Ramnit variant that is targeting a UK bank with a clever one-time password (OTP) scam,” said a Trusteer spokesman. The malware reportedly avoids detection by going into an idle sleep mode until its intended victim logs into their online bank account, at which point it activates and presents them with a fraudulent phishing message. “While the user is reading the message, Ramnit connects to its command and control server and obtains the details of a designated mule account,” explained a Trusteer spokesman. Once connected to the account the malware enters its final stage, presenting its victim with a second bogus message designed to dupe the user into entering a code that will let the malware bypass the system’s final defence.