WikiLeaks yesterday released documentation on two very specific scripts meant to steal OpenSSH login credentials from the client side. One script is for Windows clients, the other for Linux clients.
On the Windows side of things, they have released documentation on a script called BothanSpy...