Slashdot Mirror


'Greasemonkey' Malware Targets Firefox

snydeq writes "Researchers have discovered a new type of malware that collects passwords for banking sites but targets only Firefox. The malware, dubbed 'Trojan.PWS.ChromeInject.A,' sits in Firefox's add-ons folder, registering itself as 'Greasemonkey,' the well-known collection of scripts that add functionality to Web pages rendered by Firefox. The malware uses JavaScript to identify more than 100 financial and money transfer Web sites, including PayPal, collecting logins and passwords, which it forwards to a server in Russia. Trojan infection can occur via drive-by download or download duping."

2 of 370 comments (clear)

  1. Username/password combo for banks flawed. by Vellmont · · Score: 5, Interesting

    It's just part of the mounting evidence that username/password combinations for banks is inherently flawed. "Somthing you know" can always easily be known by someone else. Bank security should (IMO) be also based on "something you have", like an ATM card.

    If banks really wanted two-way authentication to work properly, they'd use a hardware device (USB-key) that had to be present in the machine to login to your account. The hardware device would be implemented in such a way to make it impossible to copy the functionality of it without physical access to it.

    --
    AccountKiller
  2. Re:only firefox? by Ed+Avis · · Score: 5, Interesting

    The cool thing about Firefox is that you can basically force users into installing malware by exploiting bug 59314. Just keep popping up a dialogue box (with no way to stop it or switch to another tab) until the user gives in and says yes.

    --
    -- Ed Avis ed@membled.com