Ready to 
Firefox nabbed by spyware
UK Romanian security vendor BitDefender has identified a new strain of malware explicitly designed to attack Firefox by exploiting the popular addons feature.
The exploit, identified as Trojan.PWS.ChromeInject.A, registers itself as an addon with Firefox and is configured to relay a user’s credentials for more than 100 global financial institutions. Using JavaScript to execute its function, this new strain of malware registers itself as the harmless and popular Greasemonkey addon.
Information stolen as a result of Chromeinject.A is sent to a server in Russia, the fount from which all malware seems to spring.
Though this attack is clearly amongst the first of its kind for the popular Firefox browser, the attack cannot be directly installed through Firefox. The payload is instead delivered in conjunction with another piece of malware that a user can attract by using another browser, or as a result of a user being duped into installing malicious software.
RSS