Trojan Phishing Malware Disguises As Firefox Add-On

Security Firm BitDefender said that a new type of malicious software is targeting Mozilla Firefox users, posing as popular add-on Greasemonkey, which is used to customise user experience on several websites.

Romanian-based Bitdefender has detected the malware - that hides in the open source browser's plugin folder - in the wild in UK and named it Trojan.PWS.ChromeInject.A.

Victims' PCs can be compromised either through "drive-by downloads" which exploit a flaw in the browser itself or by using social engineering to convince the user to download and install the trojan horse.

According to Bitdefender's own researchers, the trojan horse filters data sent by the victim to a number of known financial websites - some sources put that number at more than 100 - and then sends the harvested data to a website based in Russia.

Viorel Canja, head of BitDefender anti-virus lab, said that "“In order to stay safe, home computer users are advised to install effective Internet Security protection and make sure they are updated regularly, to ward off these attempts"

Firefox now represents a fifth of the global browser market and it is not surprising that hackers have started to craft viral attacks aimed only at Firefox users; and it is likely to become worse.

The attack is likely to affect all current versions of Firefox (including Minefield) and across most platforms (Windows and Linux) as it uses Javascript to operate.

Related Content

BitDefender detects novel approach to stealing web passwords

Trojan horse phishes for bank accounts

Firefox users targeted by rare piece of malware

Firefox users hit by password-stealing Trojan

Malware writers spoof Firefox plug-in

Firefox users targeted by bank password stealing Trojan