If you think you can rely solely on your bank’s internet security to protect you, think again. Researchers at IBM Security have uncovered new malware that targets consumers in order to steal money from their accounts.

“We already know of $4 million that was stolen by this malware,” said Etay Maor, an executive advisor with IBM Security. The worst part: It's still out there.

Maor led the Israel-based team that discovered the malware, which has already been used against undisclosed banks in the U.S., Canada and Europe.

The virus, known as GozNym, is a combination of two pieces of malware — one that infects the computer and the other that waits silently like a serpent until the user visits the website of a financial institution.

“The criminal is sitting on the other end obtaining that info in real time,” Maor said.

What’s really different about this malware, according to Maor, is that it’s hard for researchers to even analyze because hackers doubled the encryption.

“When we first saw it, we were saying something bad is happening here but we’ve never seen this before … there are so many layers, we had to break in just to understand what it was,” said Maor.

It’s also much harder for anti-virus software and other solutions to detect it — leaving the end user completely in the dark.