New information-stealing Trojan “Carberp” adds a feature that detects which antivirus program is running on victimized PCs. Cybercriminals pay for ‘antivirus test’ services to check whether the tests they paid for actually work. These services do not alert security companies when a new piece of malware is detected. Carberp’s use of an antivirus software profiler lets the Trojan’s makers evaluate the services to give them proof that the scans are accurate. The malware is being sold in the underground, and therefore is used by several different cybercrime groups.”]