Usually I don't publish stuff I do at work in this blog, since we have a different blog for that, and most of the stuff doesn't justify re-writing or there's nothing I can elaborate.
This time it is different, since Bruce Schneier has quoted us, which is something that's considered as a great respect in the security community.
The URLZone trojan is very sophisticated, since it fakes the displayed balance in the bank site, so the end user could never tell the money was stolen. Also, the trojan uses the current opened session to the bank, so it doesn't need to send the account credentials nowhere.
If you like to read a great technical analysis of this trojan, you can find it in our blog.