Researchers at Seculert in Israel have found a variant of Ramnit that is stealing those credentials and then trying to compromise other accounts belonging to the victims, including VPNs, email and other sensitive accounts. Ramnit has been causing trouble since the first half of 2010, going after online banking and FTP credentials, among other sensitive data, and racking up pretty large infection numbers in the process. The previous, financial-targeted variants had infected more than 800,000 machines in the last five months of 2011.
Source: https://threatpost.com/new-ramnit-variant-stealing-facebook-credentials-010512/76063/