Security researchers have discovered a malicious program that installs itself through a pop-up ad and can read keystrokes and steal passwords when victims visit any of nearly 50 targeted banking sites.
Security experts at the Internet Storm Center have studied the "img1big.gif" trojan file, and have discovered it to target a long list of banks and attempted to steal the account information of those institutions' customers.
More here.