I've already do severals posts about EDF phishings:
Phish-BankFraud (EDF, CAF, and now Carrefour)
But this time let's see one source: a compromised french machine...
The machine was also used to search other machines with weak passwords
For example, another French compromised machine used for spam:
French doctor compromised: