The FormSpy Trojan attacks computers that have already been infected with the Downloader-AXM Trojan, according to a security advisory McAfee issued Tuesday. Once FormSpy is executed, it installs itself as a component of the .
The FormSpy spyware then gleans sensitive information, such as credit card and bank account numbers, from the user's browser and forwards it to a malicious Web site. But this Trojan is capable of other tricks, as well, McAfee noted.
The main executable is also capable of sniffing passwords from traffic for ICQ (the "I seek you" program that alerts users to the presence of acquaintances online), FTP (file transfer protocol), IMAP (Internet message access protocol, an e-mail management program) and POP3 (post office protocol, a data format for e-mail), McAfee warned.
Although the FormSpy Trojan is circulating, it is considered a low risk, McAfee said. What's more, people may have already taken steps to mitigate the earlier Downloader-AXM Trojan that is needed for the FormSpy Trojan to take hold.