The BitDefender labs discovered Trojan in a customized package, bundled with CurseClient, a free add-on manager that allows users to browse, install, and update addons for World of Wordcraft, Warhammer Online/ and Runes of Magic. The other piece of malware trying to steal Yahoo! usernames and passwords is Trojan.Agent.AQOU, which injects iFrames in HTML pages and uses a DLL pertaining to WinPcap to transmit the pilfered data.”]
Source: https://www.bitdefender.com/blog/hotforsecurity/yobbing-yahoo/