Xegben

Mozilla Firefox users are being targeted by a new Trojan that steals online banking passwords.
According to security researchers at BitDefender, Trojan.PWS.ChromeInject.A identifies banking and money transfer websites such as Barclays and PayPal though JavaScript, and then collates the logins and passwords before forwarding them to server in Russia.

firefox_logo_100_sqThe malware, which is being spread by drive-by downloads or by duping users into downloading it, is stored in the Firefox add-on folder and is registered as 'Greasemonkey', which are scripts that add extra functionality to Firefox. It starts working as soon as the browser is opened.
However, the malware is not being obtained from Mozilla's official Firefox add-on site and the software manufacturer ensures all new add-ons are scanned for threats before being published.
Viorel Canja, the head of BitDefender's lab, explained that Firefox's increasing market share may be one reason why malware authors are targeting the browser.
Canja urged Firefox users worried about the Trojan to only download signed, verified software.
The Open Sourcerer said on Saturday, 06 December 2008
This story is so bad... First the malware only gets inserted once your computer has already been compromised by something else first.
Secondly - this ONLY affects Windows (surprise surprise). If you use Firefox on Linux or Mac, you are fine.
Hell Noire said on Monday, 08 December 2008
Would you like to name the add-on so we know to avoid it?
redstringuitar said on Wednesday, 10 December 2008
Bitdefender shares a business interest with Microsoft, you can only access their online scanner using active-x through IE. They're just doing Big Daddy a favour!