Friday, July 3, 2009

First Firefox Malware : Trojans Stealing Passwords Typed in Firefox using Firefox Add-on Disguise

First Firefox Malware : Trojans using Firefox Add-on Disguise
Roll your mouse over topics to expand them... :)
Information On Malware

Symptoms of Infection

List of Accounts mainly under attack

What To Do If Infected
Bitdefender released information on this threat naming it as Trojan.PWS.ChromeInject.A, which spawns with the execution of Firefox and poses as a Plug-in to it, mainly works on Key Banking... can get access to all your passwords entered in the Password boxes opened in Firefox Browser.

The ChromeInject suffix refers to the Chrome component Firefox has. This malware infects your machine via drive-by download or download duping.
Once installed on the machine it registers itself as a fake 'GreaseMonkey' (a great firefox add-on for website customization using javascripts), and using javascript checks your machine for mainly banking passwords of more than 100 sites (like PayPal, etc.).
All this sensitive data collected by it is then transferred online to a server supposed to be located in Russia.

So, don't stop using Greasemonkey... but make sure you download it from, so that you don't fall pray to malware.

No comments:

Post a Comment