A new piece of malware being distributed by Sality can uses stolen Facebook credentials to surreptitiously install rogue apps under the corresponding profiles.
Sality is the world's top file infecting malware and dates back to 2003. The threat has evolved over the years and was fitted with P2P, self-propagation and malware distribution functionality.
According to security researchers from Symantec, at the beginning of this year, Sality operators pushed a malicious component through its P2P network that acted as a keylogger and recorded Facebook, Blogger and MySpace login credentials.
The trojan sent the stolen credentials to a command and control (C&C) server, but also stored them locally in an encrypted file to the surprise of security researchers.
