Most Popular

Top Stories Latest Featured

Sony unveils its "non netbook" Vaio P series

Windows 7 64-bit version hits torrent sites

Windows 7 beta released to testers, public beta coming tomorrow

AMD Phenom II X4 940 & 920 review @ TechSpot

SanDisk intros next-gen SSDs for netbooks

Left 4 Dead DLC arriving next week?

Weak demand causes Intel to issue revenue warning

Palm announces webOS platform and demos Palm Pre

More Top Stories

Downloads & Drivers

Downloads Drivers Essentials

EF Commander 6.82

K-Lite Mega Codec Pack 4.4.5

LimeWire 4.18.8

Aplus Video Joiner 8.85

Express Burn 4.17

More Downloads

TS Community

Recent Discussions Community Archive

Blue screen error, please help

Western Digital external hard drive problem

Hooking Xbox360 up to Monitor

HP / Dell / etc. laptop password help thread

Win XP on two computers?

More at the Forum

Subscribe

Newsletter Our Feeds

Receive weekly updates on new articles, news and contests in your mail!

Email address:

Information Technology

Malicious FireFox extension seeks to steal private data

By Justin Mann, TechSpot.com
Published: July 26, 2006, 5:36 PM EST

FireFox users beware, a rogue extension dubbed “FormSpy” is out to steal private information. Disguising itself as the very legitimate NumberLinks extension, the malware will actively look for passwords and private information like credit card numbers, as well as monitoring things like FTP and email traffic for private data. Primarily, a user gets infected by this extension through a piece of 3rd party software called Downloader-AXM. While that particular piece of software only affects Windows users, the fact that malicious extensions exist goes to show that ultimately, no matter how much security a system has, the user still has to make up their mind as to what they allow on their machines. You can read McAfee's security response here.

Related Stories

4 comments
RSS

User Comments (4)

Post a comment
DragonMaster
on July 26, 2006
6:01 PM		Hopefully, NumberLinks doesn't look as something that is used by a lot of people. (Doesn't seem very useful)

Just hoping Mozilla will do something about this -> Make extensions harder to install. They should include this before FFX2 is released.

ThomasNews
on July 27, 2006
2:18 AM		Making extensions harder to install for the End User isn't really the solution. The user needs to be more aware of what they are installing & not just blindly clicking Yes to prompts. The only thing I could imagine they would/could do is to valid an extension has been downloaded from Mozilla's secure extension sites/or some Extension whitelist.

spike
on July 27, 2006
8:57 AM		I suppose there could be some kind of encrypted signing system, where extentions have to be approved and signed by the Moz/FF community, and firefox will only accept extentions with that signing. It's not the best solution ideologically perhaps, but it works (for now, until the signing were to get cracked).

DragonMaster
on July 27, 2006
10:27 PM		The only thing is that an automated script can easily install a new extension just by copying files in the Mozilla folder w/o anyone noticing.

Browse more commented news