On December 3,2008 BitDefender uncovered a new type of password stealing application. This latest e-threat – called Trojan.PWS.ChromeInject.A – is intended to be delivered onto a compromised computer system by other malware for subsequent download into Mozilla Firefox’s Plug-in folder. Once installed it gets to work every time Firefox is started.
This new malware uses JavaScript to identify more than 100 financial and money transfer Web sites, including Barclays, Wachovia, Bank of America, and PayPal. This Malware collects login and passwords and sends them to a remote server located at Russia.
Firefox is becoming favorite browser for malware authors because of Firefox’s market share has gone up in last four years. Users could be infected with the Trojan either from a drive-by download, which can infect a PC by exploiting a vulnerability in a browser, or by being duped into downloading it. BitDefender has updated its products to detect it, and other vendors will likely follow suit quickly. Users could avoid it by only downloading signed, verified software, but that’s a measure that restricts the usability of a PC, says Viorel Canja, head of BitDefender anti-virus lab.
