Malware capable of stealing payment card numbers from Web forms and data entered in Web forms. Authors of the malware, dubbed Soraya, are also working on adding capabilities for stealing credentials for FTP servers. Most of the numbers have been taken from U.S. businesses, with the remainder from Canada and Costa Rica. The technique is similar to what was used in the Target breach that led to the theft of 10s of millions of payments card numbers during last year’s holiday shopping season. The authors are likely trying to make their software as marketable as possible on the underground.”]
Source: https://www.csoonline.com/article/2359441/criminals-seeking-more-buyers-with-all-in-one-malware.html