July 26, 2006 8:33 AM PDT

Trojan piggybacks on Firefox

A new Trojan horse making the rounds has been installing itself as a Firefox extension, according to security company McAfee.

The FormSpy Trojan attacks computers that have already been infected with the Downloader-AXM Trojan, according to a security advisory McAfee issued Tuesday. Once FormSpy is executed, it installs itself as a component of the Firefox Web browser.

The FormSpy spyware then gleans sensitive information, such as credit card and bank account numbers, from the user's browser and forwards it to a malicious Web site. But this Trojan is capable of other tricks, as well, McAfee noted.

The main executable is also capable of sniffing passwords from traffic for ICQ (the "I seek you" program that alerts users to the presence of acquaintances online), FTP (file transfer protocol), IMAP (Internet message access protocol, an e-mail management program) and POP3 (post office protocol, a data format for e-mail), McAfee warned.

Although the FormSpy Trojan is circulating, it is considered a low risk, McAfee said. What's more, people may have already taken steps to mitigate the earlier Downloader-AXM Trojan that is needed for the FormSpy Trojan to take hold.

See more CNET content tagged:
Networks Associates Technology Inc., McAfee Inc., trojan horse, Firefox, FTP

19 comments

Join the conversation!
Add your comment
Get a Mac
Nice it does not concern me. I have an apple at home.
Posted by jaystring (12 comments )
Reply Link Flag
They are nice at work too.
Our management authorized "unix desktops" for everyone in our
IT department a while back. We told them we needed secure
workstations. :)

Several of our managers requested Macs after seeing ours. They
are happy and we have fewer headaches to administer.
Posted by rcrusoe (1305 comments )
Link Flag
Not if your running firefox
People on Macs still run firefox and the story did not specify if the plug-in was windows specific.
Posted by Busboy2 (36 comments )
Link Flag
But..
macs are soooo boring :-(
Posted by alexgp87 (75 comments )
Link Flag
Get Paper & Pen.
It's about as useful as a Mac. And it's even more resistent to virii and trojans.
Posted by kamwmail-cnet1 (292 comments )
Reply Link Flag
I remember my first time using a computer.
I hope it's just as inspiring to you.
Posted by Macsaresafer (802 comments )
Link Flag
A non-Microsoft security threat, now _that's_ news.
See subject, eom
Posted by extinctone (214 comments )
Reply Link Flag
Misleading headline
From the headline I would think I'd be in danger from using Firefox, but the Trojan didn't piggyback on the browser; it piggybacked on an extension, which a user has to download separately and deliberately. The more accurate headline would be "Trojan piggybacks on Firefox extension." To be even more accurate, it's not just the extension but the Windows flaw that allows the other trojan to exist that allows the trojan to piggyback on the extension, but I can see how that would be hard to fit in one headline. Can we get at least 50% accuracy out of your headlines, CNET, or are you deliberately engaging in yellow journalism?
Posted by omaryak (59 comments )
Reply Link Flag
I can't blame CNET for the headline
Vulnerabilites in Microsoft products are a univeral constant, like the
sun rising in the east.

On those rare occasions when a problem occurs in a non-MS
product, no matter how minor, it is news.
Posted by rcrusoe (1305 comments )
Link Flag
Can somebody brave enough try this? Please?
Let us see if the Trojan can thrive in a Mac running the Firefox.
Posted by benjiernmd (123 comments )
Reply Link Flag
Only Common Sense
Just another common sense reason why not to keep such information stored in forms within a browser or any other form on your PC.

Walt
Posted by wbenton (522 comments )
Reply Link Flag
What the Hell is up with...
Firefox being useless do to on-going viruses.. I never thought that Firefox would end up this way...Between the dam Generic5...and spooldr...etc...it us useless to me...Back to Internet Explorer.....No problems, with the parasites so far........
Posted by Dewdrop (8 comments )
Reply Link Flag
Networkers BEWARE
If you so much as look at FIREFOX...your configurations for your network will be dumped..
Posted by Dewdrop (8 comments )
Link Flag
Firefox
This situation has been going on for days...where my computer is concerned.......Why in the hell can't FIREFOX correct the situation...very disappointed in FIREFOX...
Posted by Dewdrop (8 comments )
Link Flag
How can I remove Firefox? Will that get rid of the problem? I have tried to remove it from the add/remove programs menu and it will not delete it.
Posted by lilliz67 (1 comment )
Reply Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.