‘Greasemonkey’ Malware Targets Firefox

By | December 4, 2008

Well it seems to be the week of virus alerts.  This one from Slashdot popped up and caught my attention pretty quick.

“Researchers have discovered a new type of malware that collects passwords for banking sites but targets only Firefox. The malware, dubbed ‘Trojan.PWS.ChromeInject.A,’ sits in Firefox’s add-ons folder, registering itself as ‘Greasemonkey,’ the well-known collection of scripts that add functionality to Web pages rendered by Firefox. The malware uses JavaScript to identify more than 100 financial and money transfer Web sites, including PayPal, collecting logins and passwords, which it forwards to a server in Russia. Trojan infection can occur via drive-by download or download duping.”

I guess the old “know what you are installing” really kicks in here as well.  I use Greasemonkey for a few minor scripts.

BitDefender has updated its products to detect it, and other vendors will likely follow suit quickly, Canja said. Users could avoid it by only downloading signed, verified software, but that’s a measure that restricts the usability of a PC, he said.

The malware is not present in Mozilla’s repository of add-ons, Canja said. Mozilla had taken steps to ensure that its official site hosting add-ons — also called extensions — are free from malware.

So it boils down to, keep your antivirus definitions updated and only download from trusted locations as much as possible.  If a download looks fishy, just don’t.

One thought on “‘Greasemonkey’ Malware Targets Firefox

  1. Pingback: Best posts on Supergeekblog from 1st December – 7th December 2008 | Supergeekblog

Comments are closed.

Iconic One Theme | Powered by Wordpress