Cybercriminals have infected 1.2 millions PCs with the Eleonore toolkit in a bid to take control of the machines and potential steal banking and credit card details from unsuspecting web users, says AVG.
According to the security vendor the PCs were infected via 165 compromised websites, which has 12 million visitors over a two month period, equalling a one in ten success rate.
"The accessibility and sophistication of easy-to-use cybercriminal toolkits proves that cyber gangs are raising the bar to monetise their criminal activities," said Yuval Ben-Itzhak, senior vice president at AVG.
"That is why it's more important than ever for families, corporations and other computer users to protect their computers from being targeted by this kind of increasingly popular cyber attacks
According to internet security firm Prevx, the report is a stark warning to web users that cybercrime is a massive threat.
"Although the majority of consumers have some form of security on their PC, the sheer number of successful attacks being carried out tells us that there are some big gaps in our defences," said Prevx CEO Mel Morris
"It's about ensuring consumers are aware of the threat, then ensuring they have the necessary layers of protection. PC security products must make it harder for malicious software to steal information entered or displayed while the user is surfing, socialising and transacting on the web.
Morris said gaping hole in almost all PC security offerings that is widely exploited by the vast majority of banking and information stealing Trojans, and the root cause behind most internet fraud.