About us
Contact us
RSS
Newsletters
Blogs
Video
Follow us on Twitter
EVENTS
TOPIC AREAS
RESOURCE CENTRE
News
05 December 2008
Firefox hit by malware
Firefox users have been targeted by a new type of malicious software. The malware, which has been identified by security researchers at BitDefender, collects passwords for banking sites and has been dubbed "Trojan.PWS.ChromeInject.A"
The malware, which sits in Firefox's add-ons folder, said Viorel Canja, the head of BitDefender's lab, runs when Firefox is started and uses JavaScript to identify more than 100 financial and money transfer websites, including Barclays, Wachovia, Bank of America, and PayPal along with two dozen or so Italian and Spanish banks. When it recognizes a website, it will collect logins and passwords, forwarding that information to a server in Russia.
Firefox has been continually gaining market share against main competitor Internet Explorer since its debut four years ago, which may be one reason why malware authors are looking for new avenues to infect computers, Canja said.
Users could be infected with the Trojan either from a drive-by download, which can infect a PC by exploiting a vulnerability in a browser, or by being duped into downloading it, Canja said.
When it runs on a PC, it registers itself in Firefox's system files as "Greasemonkey," a well-known collection of scripts that add extra functionality to web pages rendered by Firefox.
BitDefender has updated its products to detect it, and other vendors will likely follow suit quickly, Canja said. Users could avoid it by only downloading signed, verified software, but that's a measure that restricts the usability of a PC, he said.
The malware is not present in Mozilla's repository of add-ons, Canja said. Mozilla had taken steps to ensure that its official site hosting add-ons - also called extensions - are free from malware.
In May, Mozilla acknowledged that the Vietnamese language pack for Firefox contained a bit of unwanted code. Although widely reported as a virus, the language actually contained a line of HTML code that would cause users to view unwanted advertisements.
Mozilla now scans new add-ons for malware. However, those scans will only detect known threats, and there was no signature in the security software Mozilla was using at the time that could detect the code.
Mozilla said the code probably ended up in the language pack after the PC of its developer became infected. More than 16,000 people downloaded the language pack, but only about 1,000 people regularly use it.
After the incident, Mozilla said it would scan add-ons in its repository when anti-virus signatures were updated.
Follow highlights from Techworld on Twitter
Stay Informed > Subscribe to our Newsletters
The UK IT News widget Get it for your site!
<<newer article | back to index | older article>>
close
close
Email this article to a friend or colleague:
PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.
close
- This article is now being printed.
close
What are your views on this subject? Use the form below to post a comment on this article up to 1000 characters.
close
What is this?
Click below to add 'Firefox hit by malware' to your blog.
If you do not have a ComputerworldUK Account and would like to use this feature, please Register.
If you are a registered, logged-in user, this will post the title and first paragraph of this story to your blog to share with your readers.
WHITE PAPERS
Seven Ways ITIL Can Help You in an Economic Downturn
- Learn more about how ITIL can help your business weather the economic storm, and how it can leave you better positioned for growth when the economy begins to rebound.
Make Compliance Work For You
-
Learn how to make compliance work for you, rather than the other way around, with this whitepaper form Oracle.
Recent Techworld features
- Can Linux distros survive Chrome OS?
- Will Chrome force a rethink on Windows?
- Vendors start making progress towards cloud communication
- Unified communications arena gets more crowded
- Say 'No' to SQL
Recent Techworld reviews
- AutoSave Encrypt
- VSS Monitoring 4x24 Distributed Filter Tap
- LG XD1 eSATA drive
- Asterisk 1.4
- Xandros Presto Linux
Latest PC Advisor news
- BT ramps up superfast broadband upgrade
- Mesh pays users £5 to upgrade to Windows 7
- Google Chrome OS FAQ
- Microsoft Imagine Cup winners tackle world peace
- Yahoo updates YQL, API for joining web data
WHITE PAPERS
- Seven Ways ITIL Can Help You in an Economic Downturn
Learn more about how ITIL can help your business weather the economic storm, and how it can leave you better positioned for growth when the economy begins to rebound. - Make Compliance Work For You
Learn how to make compliance work for you, rather than the other way around, with this whitepaper form Oracle. - Modernizing IT: Strategies for Improving Service Quality and Reducing IT Costs
Working harder simply won’t get you there. No matter how many people you allocate, sinking more labour into old IT practices cannot concurrently meet rising demands on IT and cut costs. Read about cost-effective, automated ways to meet this challenge head-on in this whitepaper. - Security and Trust: The Backbone of Doing Business over the Internet
When shopping online, consumers are concerned about identity theft and are therefore wary of providing untrusted sources with their personal information, especially their credit card details. Find out how to gain the trust of online customers. - Business Continuity - Are you always open for business?
Business continuity is not an end in itself, but the key to improving performance. Oracle solutions for midsize organisations contribute by providing a secure, easily accessible, and always available information infrastructure thats's also simple and cost-effective to manage. This Oracle Business Brief explains how.
Techworld topic pages
|
|
- About Techworld | Contact | Privacy Policy | About IDG | All contents © IDG 2009 | webmaster@techworld.com
- Infoworld | Networkworld | Tecchannel | Techworld Netherlands | IT World Canada
Comments received
The Open Sourcerer said on Saturday, 06 December 2008
You should also mention that these attacks are only effective on the Windows platform.
Firefox on Linux or Mac is fine...
Solution from Search-and-destroy. said on Monday, 15 December 2008
If you own a computer, you must have antispyware to keep it running at its best. The problem is choosing a scan that works. I have tried many different types of scans in the past and then I ran across Search-and-destroy Antispyware. I have to say that the antispyware solution from Search-and-destroy is the best that I have used to date. It gets the job done and keeps my computer working like new. If you are interested in seeing for yourself just how good this antispyware works you can click on http://www.Search-and-destroy.com/antispyware.html to learn more. I’m sure it would be worth your time to check it out.