Computerworld reports that clicking on the links downloads two pieces of malware: a Zeus variant and a custom Perl script that has been converted to an executable, which searches for Word, Excel and PDF documents.
Kneber was first detected early last year when it collected login credentials to online financial systems, social networking sites and e-mail systems from at least 75,000 computers at 2,500 companies and government agencies worldwide.