Kaspersky Lab announced today that its security experts discovered the criminals behind the Lurk banking Trojan used legitimate software for infection purposes. Users that installed legitimate remote access software from the developer’s website, ammyy.com, unwittingly had malware leaked on their machines.