PWS-FerTP is a Trojan that attempts to steal FTP account details on infected machines and posts them to a remote server. It also injects malicious HTML code in HTML and PHP scripts found on FTP repositories.

When executed, PWS-FerFTP retrieves FTP account details saved by the following applications, if installed:

FAR Manager
GlobalScape CuteFTP
Ghisler Total Commander

It also switches the first network adapter found to promiscuous mode and save every FTP account transiting through the network.

More information can be found at this McAfee page.