Malware posing as Firefox plugin steals login information

By

Victims infected with new malware may have their financial login credentials sent to a web address in Russia.


Victims infected with new malware may have their financial login credentials sent to a web address in Russia.

If you have an account at Bank of America, Chase, Wachovia, PayPal or e-gold, you may be sharing your financial information with a host in Russia.

According to researchers at BitDefender's anti-virus research labs, a new threat -– called Trojan.PWS.ChromeInject.A -– is designed to be delivered onto a compromised computer, and moved into Mozilla Firefox's plug-in folder. 

In other words, as BitDefender alert said, the malware “…is downloaded to a Mozilla Firefox plug-in folder and is executed each time the user opens Firefox.”

Specifically, the malware filters the URLs within the Mozilla Firefox browser and whenever it encounters financial account addresses opened in the browser it captures the login credentials. BitDefender further claimed that the program “filters data sent by the user to over 100 online banking websites.”

Victims infected with the malware may have their login credentials sent to a web address in Russia.

Viorel Canja, head of BitDefender anti-virus lab, said in a statement, "Users should be aware of the risks they are facing if such confidential information is stolen."

See original article on scmagazineus.com
Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

CBA using facial recognition logins to verify disputed payments

CBA using facial recognition logins to verify disputed payments

Qantas contacted by "potential cyber criminal"

Qantas contacted by "potential cyber criminal"

SA Power Networks tackles IAM, cloud security under five-year strategy

SA Power Networks tackles IAM, cloud security under five-year strategy

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack

Log In

  |  Forgot your password?