Source: 'How easily USteal my passwords' on blogs.technet.com
I recently analyzed a file that claimed to be a game tool used for customizing Dota2, a multiplayer online battle arena video game developed by Valve Corporation. The tool was made by a third party and offered for free download online.
After unpacking the file, I found that it included more than the game tool: there was another executable in the bundle, a malware file that Microsoft detects as TrojanSpy:Win32/Usteal.D.
Figure 1: The user interface for the TrojanSpy:Win32/Usteal builder shows some of the applications it supports.
[...]
Figure 3: One example of how an attacker can distribute bundled malware.