Most Popular
| Top Stories | Commented | Featured |
TechSpot Blog: Disable Windows automatic check for solutions after a program crashes featured
Weekend Open Forum: Google Chrome OS and the future of cloud computing featured
Tech Tip of the Week: Unearth Region-Specific Windows 7 Themes featured
Sony: PlayStation 3 to be 3D-capable via firmware update
Weekend tech reading: How to run Chrome OS as a virtual machine
Facebook named third most popular video website behind YouTube and Hulu
iSuppli: DDR3 to account for over half of DRAM shipments by Q2 2010
TS Community
| User Gallery | Recent Discussion |
 keyboard and mouse at nite by BringinHeat |  my desktop by therealdeal329 |
 Inspiration - Sometimes it comes from the wrong place by Rick |  gottal love the painted world by jtickner1 |
TechSpot RSSSoftware
New Firefox malware attempts to steal passwords
Browser malware has generally targeted IE in the past, since it's the biggest target and doesn't exactly have a good reputation for security. That's one of the main reasons why Firefox has become as big as it has, with a worldwide market share around the 20% mark. That increase in usage has also made it become a bigger target, and now a new piece of malware has been identified that specifically targets Firefox.
The malware, called ChromeInject, holes up as an add-on in Firefox and identifies when you are visiting certain financial sites, like PayPal, to harvests usernames and password for those sites. Afterwards those logins get sent off to a remote server, where they are no doubt used to drain or transfer funds from people's accounts. Users still must visit a malicious or compromised site to become infected by this trojan, and security products are already being updated to detect it. One of the easiest steps to prevent infection is just to make sure any add-ons you install come from an official source, like Mozilla's repositories.
Even if the odds of infection are low, seeing harmful software written specifically for Firefox does demonstrate that it is now becoming large enough for people, including people with bad intentions, to take notice of it.
The malware, called ChromeInject, holes up as an add-on in Firefox and identifies when you are visiting certain financial sites, like PayPal, to harvests usernames and password for those sites. Afterwards those logins get sent off to a remote server, where they are no doubt used to drain or transfer funds from people's accounts. Users still must visit a malicious or compromised site to become infected by this trojan, and security products are already being updated to detect it. One of the easiest steps to prevent infection is just to make sure any add-ons you install come from an official source, like Mozilla's repositories.
Even if the odds of infection are low, seeing harmful software written specifically for Firefox does demonstrate that it is now becoming large enough for people, including people with bad intentions, to take notice of it.
User Comments (5)
Post a comment| tekcurious on December 5, 2008 7:05 PM | hunt down the person or group, have them hang or lock on a 4x4 cell dungeon for life.
|
| keshava108 on December 6, 2008 12:04 PM | duh, i wonder who wold have incentive to concoct this malware, surely not the makers of security products ;]. Good old capitalism at work
|
| jeffclough on December 8, 2008 9:27 AM | Originally posted by keshava108: duh, i wonder who wold have incentive to concoct this malware, surely not the makers of security products ;]. Good old capitalism at work If you have more than the usual FUD to offer, make a direct accusation. We'd all be interested to hear what you know and can demonstrate to be true of the information security industry that might lead you to distrust it.Otherwise ... I wonder who might wish to think the worst of others. Surely not someone who would rather project his own darker tendencies outward than actually deal with them. Cynicism is just another type of credulity, one that feeds on guilt rather than innocence.
|
| keshava108 on December 9, 2008 1:57 AM | I directly accuse security experts of intentionally inventing malware, is that good enuff for u. Some r on the dark side and i am quite sure some r on the good side of the force. I was more thinking that the accumulation of wealth being the prime measure of one's class ie capitalism, (not the free market, which has nearly always existed regardless of politics) is a major factor in the ruin of higher principles.
|
| purplelion on December 9, 2008 9:21 AM | "One of the easiest steps to prevent infection is just to make sure any add-ons you install come from an official source" PLEASE NOTE: This virus installs itself as an add-on when Firefox starts without asking! I have searched through the various menus looking for a way to block it. Is there a way to block all add-ons or specific add-ons.
|
