Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: Firefox plug-in Trojan harvests logins

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

____/ Sinister Midget on Thursday 04 December 2008 19:12 : \____

> On 2008-12-04, nessuno@xxxxxxxxxxxxxxxxxxx <nessuno@xxxxxxxxxxxxxxxxxxx>
> claimed:
>><Quote>
>> Virus writers have latched onto the popularity of Firefox with a new
>> variant on the established practice of stealing online banking
>> passwords.
>>
>> A password pinching Trojan that poses as a Firefox Plugin is doing the
>> rounds... ChromeInject-A is typically downloaded onto Windows PCs
>> already compromised by other strains of malware.
>>
>> Once installed, the Trojan sits in Firefox's Plugin folder, activating
>> every time the popular browser is started. The backdoor code looks for
>> data exchanged between a compromised machine and a list of pre-
>> programmed banking sites in Europe, Australia and the US.
>></Quote>
>>
>> Only works on Windows machines already compromised by worms or
>> viruses.   Not hard to find, evidently.
> 
> Good thing the payoff is something other than noteriety. They'd be one
> face in a massive, faceless crowd if they were competing for bragging
> rights for screwing up Winders boxen.

Some Firefox flaws that are reported are Windows-only. Attempts do mimic
Windows/IE functionality does more harm than good.

Windows gives a bad name to Firefox. Time to bail out.

- -- 
                ~~ Best of wishes

For governments that eavesdrop, here is a quick list of tags: Communism,
Hawaiian shirts, China, Suitcase, Martha Stewart, Encryption, Prison, Stalin.
Thanks for tuning in.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkk4dCUACgkQU4xAY3RXLo7+cgCfa0Nq9FkW3gYwLRfob5g5oUeo
1ZoAnR/HPqGcipY/z1zrVAIfVXiY0BND
=/3cd
-----END PGP SIGNATURE-----

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index