BitDefender detects novel approach to stealing web passwords

December 2008


A password stealing trick masquerades as a Firefox Plugin, to filter ▒sent▓ login credentials

A new type of malware designed to harvest web passwords has been detected in-the-wild by BitDefender▓s antivirus research labs. This latest e-threat √ called Trojan.PWS.ChromeInject.A √ is intended to be delivered onto a compromised computer system by other malware for subsequent download into Mozilla Firefox's Plugin folder. Once installed it gets to work every time Firefox is started.

According to BitDefender researchers, the Trojan filters data sent by the victim to a large number of designated banking websites which are used everyday in the UK for online shopping and financial transactions.

Harvested login credentials will be sent to a web address similar to [removed]eex.ru. Both the domain and the hosting server are located in Russia, which points to the origins of this latest e-threat.

⌠In order to stay safe, home computer users are advised to install effective Internet Security protection and make sure they are updated regularly, to ward off these attempts,■ says Viorel Canja, head of BitDefender anti-virus lab.

For further details on the latest malware detected in the wild, please visit BitDefender▓s Defense Portal site.


Share This ON: