The Dorkbot malware aims to steal login credentials from services such as Gmail, Facebook, PayPal, Steam, eBay, Twitter, and Netflix.
It was first spotted around April 2011. Users typically get infected by browsing to websites that automatically exploit vulnerable software using exploit kits and through spam. It also has a worm functionality and can spread itself through through social media and instant messaging programs or removable media drives.