A new version of a file-infecting malware program thatís being distributed through drive-by download attacks is also capable of stealing FTP (File Transfer Protocol) credentials, according to security researchers from antivirus firm Trend Micro.
The newly discovered variant is part of the PE_EXPIRO family of file infectors that was identified in 2010, the Trend Micro researchers said Monday in a blog post
. However, this versionís information theft routine is unusual for this type of malware.
The new threat is distributed by luring users to malicious websites that host Java and PDF exploits as part of an exploit toolkit. If visitorsí browser plug-ins are not up to date, the malware will be installed on their computers.