The Italian Honey Project

SecureWorks researchers uncovered the complicated operation in April when it discovered a unique variant of the well-known Zeus Trojan that targets Windows-based PCs. In addition to stealing login credentials, the Trojan established a virtual private network VPN connection from the infected computer to a remote server using the PPTP Point-to-Point Tunneling Protocol functionality in Windows and listened to a random TCP Transmission Control Protocol port in order to serve as a SOCKS proxy.

via Check counterfeiting using botnets and money mules | InSecurity Complex – CNET News.