“ONLINE INSECURITY firm BitDefender has detected a new variant of phishing malware that targets only Firefox users.The malicious chunk of code can infect a user’s system either via a ‘drive-by download’ that exploits a browser vulnerability or with a ‘download dump’ through duping the wibbler into authorising its download.
Once downloaded, the little nasty disguises itself as a Firefox Add-On named Greasemonkey, which is the name of a widely recognised toolset of scripts used under Firefox. The Add-On runs whenever Firefox is operating.
BitDefender has named it as “Trojan.PWS.ChromeInject.A”.”
Here is some more Tech News from around the web:
- Facebook engineering VP talks Connect @ Ars Technica
- OpenSolaris 2008.05 vs. OpenSolaris 2008.11 Benchmarks @ Phoronix
- All-in-One Printers: Buying Tips @ Digital Trends
- ITRI’s folding TFT-EPD display: ready for smartphones next year @ Engadget
Evil monkey
In case you haven’t seen the story yet, there is a new trojan wandering the web looking for unsuspecting Firefox users. Once it gets onto your system, either disguising it’s self as a valid extension install file or through a vulnerability that will allow it to sneak an install by you, it starts tyring to harvest your usernames and password for a long list of financial institutions. The Inquirer has heard no news of a fix, but if you never installed Greasemonkey and suddenly seem to have it, then you may have a problem.
