Those behind Carberp spent time not just on the configuration file, but also making sure they have a method in place to compromise two factor authentication schemes. The Trojan uses heaviliy dynamic JavaScript hosted on a valid HTTPS website.
Andreas Baumhof, CTO of TrustDefender comments, "The evolution of Trojans such as Carberp highlights how Trojans use complex behaviour to employ intelligent guises and commit fraudulent activity. Financial institutions and enterprises need to provide appropriate security, beyond traditional AV software to reduce the risks of fraudulent activity."