Feb 28, 2009

Firefox Trojan Steals Passwords

A new Trojan horse program identified by anti-malware company BitDefender as Trojan.PWS.ChromeInject.B works as a Firefox plug-in.

Two files, one Javascript and one Windows executable, conspire to steal user logon credentials whenever you log on to one of 103 domains, largely belonging to banks (see the BitDefender link for the complete list). The sites are largely out of the US.

BitDefender identifies ChromeInject as "...the first malware that targets Firefox." It's the first we've heard of as well. The writeup has no information on how the file is being distributed or if it's mislabeled as something else, but they give it a spreading factor of "very low".

Take this as a warning, in case you thought otherwise, that Firefox is vulnerable to all the usual forms of attack. Use common sense when surfing even in Firefox, and especially when installing plug-ins. (story Link)

No comments: