In an advisory Thursday, RSA said it has information suggesting the gang plans to unleash a little-known Trojan program to infiltrate computers belonging to U.S. banking customers and to use the hijacked machines to initiate fraudulent wire transfers from their accounts.

If successful, the effort could turn out to be one of the largest organized banking-Trojan operations to date, Mor Ahuvia, cybercrime communications specialist with RSA's FraudAction team, said today. The gang is now recruiting about 100 botmasters, each of whom would be responsible for carrying out Trojan attacks against U.S. banking customers in return for a share of the loot, she said.

Each botmaster will be backed by an "investor" who will provide money to buy the hardware and software needed for the attacks, Ahuvia said.

"This is the first time we are seeing a financially motivated cyber crime operation being orchestrated at this scale," Ahivia said. "We have seen DDoS attacks and hacking before. But we have never seen it being organized at this scale."

RSA's warning comes at a time when U.S. banks are already on . Over the past two weeks, the online operations of several major banks, including JP Morgan Chase, Bank of America, Citigroup and Wells Fargo were disrupted by what appeared to be coordinated denial-of-service attacks.