We have been aware of a site hosting a page that exploits the VML vulnerability. Through this exploit, it downloads a W32/Viking variant. This Viking downloads several Trj/Lineage variants. And finally, these Lineage variants are responsible for gathering victim's data, such as passwords. Have a careful surfing…
