I'm interested in infostealers and specifically in banking-trojans so I didn't want to miss this one. Samples of Carberp are floating around at least since last spring but in late September we saw such numbers increasing.
Taking a look at how Carberp hooks API it looks like yet another Zeus "clone". What I found interesting is how it hooks system calls. This is how a normal syscall looks like