Trojan piggybacks on Firefox

A new Trojan horse making the rounds has been installing itself as a Firefox extension, according to security company McAfee.

The FormSpy Trojan attacks computers that have already been infected with the Downloader-AXM Trojan, according to a security advisory McAfee issued Tuesday. Once FormSpy is executed, it installs itself as a component of the Firefox Web browser.

The FormSpy spyware then gleans sensitive information, such as credit card and bank account numbers, from the user's browser and forwards it to a malicious Web site. But this Trojan is capable of other tricks, as well, McAfee noted.

The main executable is also capable of sniffing passwords from traffic for ICQ (the "I seek you" program that alerts users to the presence of acquaintances online), FTP (file transfer protocol), IMAP (Internet message access protocol, an e-mail management program) and POP3 (post office protocol, a data format for e-mail), McAfee warned.

Although the FormSpy Trojan is circulating, it is considered a low risk, McAfee said. What's more, people may have already taken steps to mitigate the earlier Downloader-AXM Trojan that is needed for the FormSpy Trojan to take hold.

[jaystring]

Get a Mac

Nice it does not concern me. I have an apple at home.

[rcrusoe]

They are nice at work too.

Our management authorized "unix desktops" for everyone in our
IT department a while back. We told them we needed secure
workstations. :)

Several of our managers requested Macs after seeing ours. They
are happy and we have fewer headaches to administer.

[Busboy2]

Not if your running firefox

People on Macs still run firefox and the story did not specify if the plug-in was windows specific.

[alexgp87]

But..

macs are soooo boring :-(

[kamwmail-cnet1]

Get Paper & Pen.

It's about as useful as a Mac. And it's even more resistent to virii and trojans.

[Macsaresafer]

I remember my first time using a computer.

I hope it's just as inspiring to you.

[extinctone]

A non-Microsoft security threat, now _that's_ news.

See subject, eom

[omaryak]

Misleading headline

From the headline I would think I'd be in danger from using Firefox, but the Trojan didn't piggyback on the browser; it piggybacked on an extension, which a user has to download separately and deliberately. The more accurate headline would be "Trojan piggybacks on Firefox extension." To be even more accurate, it's not just the extension but the Windows flaw that allows the other trojan to exist that allows the trojan to piggyback on the extension, but I can see how that would be hard to fit in one headline. Can we get at least 50% accuracy out of your headlines, CNET, or are you deliberately engaging in yellow journalism?

[rcrusoe]

I can't blame CNET for the headline

Vulnerabilites in Microsoft products are a univeral constant, like the
sun rising in the east.

On those rare occasions when a problem occurs in a non-MS
product, no matter how minor, it is news.

[benjiernmd]

Can somebody brave enough try this? Please?

Let us see if the Trojan can thrive in a Mac running the Firefox.

[wbenton]

Only Common Sense

Just another common sense reason why not to keep such information stored in forms within a browser or any other form on your PC.

Walt

[Dewdrop]

What the Hell is up with...

Firefox being useless do to on-going viruses.. I never thought that Firefox would end up this way...Between the dam Generic5...and spooldr...etc...it us useless to me...Back to Internet Explorer.....No problems, with the parasites so far........

[Dewdrop]

Networkers BEWARE

If you so much as look at FIREFOX...your configurations for your network will be dumped..

[Dewdrop]

Firefox

This situation has been going on for days...where my computer is concerned.......Why in the hell can't FIREFOX correct the situation...very disappointed in FIREFOX...

[lilliz67]

How can I remove Firefox? Will that get rid of the problem? I have tried to remove it from the add/remove programs menu and it will not delete it.