User’s of Firefox are at Risk?

Base from the researchers of anti-virus vendor BitDefender have come across an innovative piece of malware that hides itself and functions as a Firefox extension. The malicious add-on is a trojan that monitors user activity on numerous banking sites and steals the login credentials. In order to fly under the radar, this trojan, identified by BitDefender as Trojan.PWS.ChromeInject, registers itself to the browser as “Greasemonkey.” Greasemonkey is actually the name of an advanced and legit Firefox extension that allows users to modify the appearance and rendering of visited web pages, through local JavaScript files.

Basically, the malware consists of a DLL file, called npbasic.dll that is dropped into the Firefox plugins directory and a JavaScript file, browser.js that sits in the chrome folder. Finding these two files on a computer in the respective locations is an indication of an infection with this trojan. Fortunately, this malicious piece of software does not feature self-replication, and is not available in Mozilla’s official add-ons repository. Instead, it is downloaded and installed by other malware.

This new type of attack comes after a November in which Firefox’s market share reached the 20% marker, for the first time in the browser’s history. A lot of professionals estimate that this number will increase even more with the release of Firefox 3.1, which will bring unprecedented JavaScript performance. This could mean other similar threats might be taking off, with malware authors trying to benefit from the increasing popularity of Firefox and the general users’ belief that it’s safer than Internet Explorer.

Related posts:

• Make Your Old Firefox Extensions Work With Firefox 3
• Firefox 3.0.1 Drops Next Week!
• Download now! “Firefox 3.1 Beta 1″
• some lesser known Firefox about:config parameters
• cool Firefox cheat