Slashdot Mirror

← Back to Stories (view on slashdot.org)

Spyware Disguises Itself as Firefox Extension

Posted by ryuzaki0 on from the not-yet-linux-compatible dept.

Juha-Matti Laurio writes "The antivirus specialists at McAfee have warned of a Trojan that disguises itself as a Firefox extension. The trojan installs itself as a Firefox extension, presenting itself as a legitimate existing extension called numberedlinks. It then begins intercepting passwords and credit card numbers entered into the browser, which it then sends to an external server. The most dangerous part of the issue is that it records itself directly into the Firefox configuration data, avoiding the regular installation and confirmation process."

1 of 247 comments (clear)

  1. Clarification by tonyr1988 · · Score: 1, Redundant

    The numberedlinks on mozdev is legitimate and "trojan"-free. As others have said, you have to open the attachment in an e-mail for the evil one to work.

    AFAIK, as long as you get your attachments from the Get More Extensions link (which most people that I know do), then you should be safe.