The Associated Press reports the nefarious Zeus Trojan has been modified to target enterprise bank accounts based on research by security testing firm Idappcom.
The Zeus Trojan had previously netted millions of dollars after spreading through tainted emails and communications designed to look like messages from the popular business-oriented social networking service LinkedIn.
Idappcom noted several likely reasons for the re-purposing of the malware to target business account, namely that company accounts tend to have more funds available and that there are usually a larger number of personnel allowed to access the accounts, producing more opportunities to steal access credentials.
A large scale international law enforcement effort culminated in October with the indictment of more than 60 people in the US.
Two convictions have already been handed down in the case against Dmitry Krivosheyev and Maxim Illarionov, who may receive as much as 20 years in prison and fines up to $250,000.
Authorities believe more accomplices have yet to be identified, and the announcement that Russian banks may have worked to launder the ill-gotten funds could result in even more indictments in coming months.
The FBI indicates that nearly 400 cases involving the Zeus Trojan have been reported.