A new type of malware is disguising itself as a Firefox plugin in order to steal passwords on a users computer. Over at BitDefender they have isolated the bug known as Trojan.PWS.ChromeInject.A.

BitDefender also states that:

According to BitDefender researchers, the Trojan filters data sent by the victim to a large number of designated banking websites which are used everyday in the UK for online shopping and financial transactions.

Harvested login credentials will be sent to a web address similar to [removed]eex.ru. Both the domain and the hosting server are located in Russia, which points to the origins of this latest e-threat.

“In order to stay safe, home computer users are advised to install effective Internet Security protection and make sure they are updated regularly, to ward off these attempts,” says Viorel Canja, head of BitDefender anti-virus lab.

If you are using Firefox a scan of your system is recommended along with making sure your A/V program is up to date.

Comments welcome.