Passteal, the malware that steals passwords stored in the browser using a password recovery tools, disguised as Key generators and Ebooks.
This indicates that the malware targets users who frequently use Torrent and other file hosting website to get hold of illegal copies of software.
While older variants use the password recovery tool "PasswordFox", the new variant uses 'WebBrowserPassView' tool to steal credentials stored in major browser apps such as Internet Explorer ver. 4.0-8.0, Mozilla Firefox 1.x-4.x, Google Chrome, and Apple Safari.
Once the malware extracts the data, it stores the stolen credentials in an .XML file and send the file to a remote FTP server.
According to TrendMicro malware report, the password recovery tool enables PASSTEAL to acquire all login credentials stored in the browser- even from websites using secured connections (SSL or HTTPS).