Firefox users at risk
Researchers from the anti-virus vendor BitDefender have come across an innovative piece of malware that hides itself and functions as a Firefox extension. The malicious add-on is a trojan that monitors user activity on numerous banking sites and steals the login credentials.
BitDefender has assigned a “very high” damage level for this threat, mainly because of the over 100 banking websites it filters. The likes of US Bank, PayPal, Bank of America, E-Gold are on the list, along with tens of banks from the UK, Spain, Italy, Germany, Australia, France, and even one from the Isle of Man. The trojan forwards the collected data to a server located in Russia.
Signatures for the detection of the ChromeInject trojan are likely to be released by the other antivirus vendors as well, so keeping your security solution updated is very important, as Viorel Canja, head of BitDefender anti-virus lab, points out. “In order to stay safe, home computer users are advised to install effective Internet Security protection and make sure they are updated regularly, to ward off these attempts,” says Mr. Canja.
If this malware running as a Firefox plugin technique takes off, it will be interesting to see Mozilla’s response. Maybe providing an option to restrict installation of add-ons from the interface only would be a solution to mitigate this new type of attack.
Oh dear Xacker
Source : Softpedia