BitDefender Uncovers New Password Stealing Application

Look in this specific forum for newly found security threats which may not yet be covered by your usual security software

Moderators: Admin Team, Moderators

User avatar
TeMerc
Site Admin
Site Admin
Posts: 15995
Joined: Fri Jan 28, 2005 5:16 pm
Area Of Expertise: Security
experience: I know the functions, OS settings, registry tweaks and more
PC time: What else is there in life?
Location: PHX, AZ
Contact:

BitDefender Uncovers New Password Stealing Application

Postby TeMerc » Wed Dec 03, 2008 7:37 am

BitDefender® announced that a new type of password - stealing application disguised as a Mozilla Firefox Plugin has been detected in the wild. The e-threat, Trojan.PWS.ChromeInject.A, is downloaded to a Mozilla Firefox Plugin folder and is executed each time the user opens Firefox.

Trojan.PWS.ChromeInject.A filters data sent by the user to over 100 online banking websites. The banking websites include: bankofamerica.com, chase.com, halifax-online.co.uk, wachovia.com, paypal.com and e-gold.com. Users infected with Trojan.PWS.ChromeInject.A have their login credentials sent to a web address similar to [removed]eex.ru. Both the domain and the hosting server are located in Russia, which could indicate the origin of this e-threat.

“Users should be aware of the risks they are facing if such confidential information is stolen,” said Viorel Canja, head of BitDefender anti-virus lab.
0-= Bit Defender
Image

User avatar
Johnincal
Moderators
Moderators
Posts: 732
Joined: Fri Feb 18, 2005 2:53 am
experience: I know the functions, OS settings, registry tweaks and more
PC time: About 3 hours a day
Location: Las Vegas, NV. USA

Re: BitDefender Uncovers New Password Stealing Application

Postby Johnincal » Wed Dec 03, 2008 8:56 pm

Hmmm...

It doesn't say what the plug-in is called, or how it is being spread... hm?

User avatar
TeMerc
Site Admin
Site Admin
Posts: 15995
Joined: Fri Jan 28, 2005 5:16 pm
Area Of Expertise: Security
experience: I know the functions, OS settings, registry tweaks and more
PC time: What else is there in life?
Location: PHX, AZ
Contact:

Re: BitDefender Uncovers New Password Stealing Application

Postby TeMerc » Wed Dec 03, 2008 10:36 pm

Johnincal wrote:Hmmm...

It doesn't say what the plug-in is called, or how it is being spread... hm?
From the article, and I'm just guessing, and that's a good point, it's not very clear, but I want to say its via email:
The e-threat, Trojan.PWS.ChromeInject.A, is downloaded to a Mozilla Firefox Plugin folder and is executed each time the user opens Firefox.
Image


Return to “EMERGING SECURITY THREATS!”

Who is online

Users browsing this forum: No registered users and 2 guests