Saturday, October 09, 2010
Firefox trojan sets up automatic password saving and keylogging without user's knowledge
The InfoSecurity story is here. Andrew Brandt, of the Denver security company, has a blog posting in which he says that Firefox will “forego forgetting passwords”, as here.
He recommends downloading the latest Firefox installer from here . It’s interesting that this trojan targeted Firefox first, since Firefox has been considered safer than IE.
Webroot tracked the virus hacker to Iran, and it is not clear that any use has been made of any stolen passwords. However, conceivably an enemy could use a device like this against an institution’s critical systems. It may be a good idea for home users with Firefox to run a scan against the latest definition file soon, before reloading Firefox.