Internet users in Japan are the biggest targets for cybercriminals exploiting the Adobe Flash Player Buffer Overflow Vulnerability, said Symantec.
The attacks which were originally in watering-hole in April, have increased to a massive scale with 94% taking place in Japan, and 4% in the US.
The attacks are being carried out through legitimate websites, where a malicious code is hosted to redirect traffic to the attacker's website, said Symantec.
Travel agency site His-j.com, blog service jugem.jp and video sharing service pandora.tv are among the Japanese sites that have been compromised so far.
Symantec's blog post said, "Once the browsers are redirected to the malicious site, which has the IP address 184.108.40.206, they render the exploit code that attempts to exploit CVE-2014-0515.
"If an older version of the software is installed on the computer, the attack will execute a series of malicious files to compromise the computer with the malware Infostealer.Bankeiya.B, which steals banking information from users."
The Trojan targets information made available by users in their online banking transactions.
Adobe released an emergency security patch in April after Kaspersky Lab discovered that a bug related to Flash compromised jpic.gov.sy, a Syrian Justice Ministry website. The vulnerabilities in its Shockwave Player 220.127.116.11 were fixed earlier this year.
In October 2013, 38 million Adobe customers fell victims to data breach. Hackers accessed Adobe users' names, credit and debit card numbers and expiration dates.