Security researchers at Dell SecureWorks Counter Threat Unit (CTU) have published a report analyzing banking botnets in 2013. Charts on the report show that the most active banking malware over this year is called Gameover a modified version of the famous Trojan Zeus.
38% of all malicious activity in the cyberspace is related to Gameover. On the second place we found Citadel with 33% and the standard Zeus with 13%.
Cybercriminals are using encryption to make their malware pass over security measures such as firewalls, intrusion detection systems and other protection measure in place. the communication is now using the peer-to-peer communication to make it difficult to track the C&C servers and communication signed with different botnet components.
More then 900 financial institution customers in 65 countries were victims of similar fraud attacks. This across U.S, Germany, Spain, Italy, Canada, France, Australia and the UK , although in 2013 the geography of attacks significantly expanded to include new countries in Middle East, Africa and Asia. you can find the full report over this link: http://www.secureworks.com/cyber-threat-intelligence/threats/top-banking-botnets-of-2013/