2 replies to this topic

[macbyte]

FYI -

I am new to the forums, so forgive me if this is an "older" threat - it hit the mainstream news today in Network World and other places.
I just wanted to be sure that the team is aware of it.

http://www.networkworld.com/news/2008/1204...1hb&hpg1=mp

[indent]Researchers at BitDefender have discovered a new type of malicious software that collects passwords for banking sites but targets only Firefox users.

The malware, which BitDefender dubbed "Trojan.PWS.ChromeInject.A" sits in Firefox's add-ons folder, said Viorel Canja, the head of BitDefender's lab. The malware runs when Firefox is started.
Read the latest WhitePaper - Securing endpoints by unifying essential components in a single agent

The malware uses JavaScript to identify more than 100 financial and money transfer Web sites, including Barclays, Wachovia, Bank of America, and PayPal along with two dozen or so Italian and Spanish banks. When it recognizes a Web site, it will collect logins and passwords, forwarding that information to a server in Russia.
[/indent]

Does MBAM detect and remove this type of threat?

-Macbyte

[sho-dan]

Hello macbyte, Welcome to Malwarebytes. Pull up a chair and get comfy.

I was reading just that article today, heres a bit more info on this bugger

Quote

More details on the bank sites targeted, along with the general behaviour of the Trojan, can be found in a write-up by BitDefender

http://www.bitdefender.com/VIRUS-1000451-e...meInject.B.html

[macbyte]

sho-dan, on Dec 5 2008, 09:14 PM, said:

Hello macbyte, Welcome to Malwarebytes. Pull up a chair and get comfy.

I was reading just that article today, heres a bit more info on this bugger
http://www.bitdefender.com/VIRUS-1000451-e...meInject.B.html

Thanks for the welcome...
I'm impressed with the forum's helpful guides/mods.
Malware unfortunately has become it's own industry and it is always interesting to see the next "targets" - FF's ~20% marketshare probably has the malware writers attention now.

macbyte