Thursday, 27 July 2006
New Trojan Acts as Firefox Extension |
| |
|
| |
A new Trojan known as FormSpy is targeting Firefox by installing itself as a Firefox extension, McAfee warns. The security firm said that it has found Web sites linked to the virus.
Upon successful execution, FormSpy hooks mouse and keyboard events in the Mozilla Firefox web browser. It can then forwards information such as credit card numbers, passwords and URLs typed in the browser to a malicious website hosted at IP address 81.95.xx.xx.
Typically, Mozilla Firefox components are installed via .xpi files where users are prompted to confirm the installation. FormSpy writes and modifies Mozilla configuration files directly which bypasses this confirmation process, said McAfee.
Mozilla Firefox has become a popular alternative to Internet Explorer, and it has now become the target of spyware and Trojan attacks. McAfee advises users to exercise caution in downloading and installing unsigned extension components from unreliable sources.
|
| |
|
|
| |
|
|
| |
|
|
| |
|
