Firefox Trojan Virus Forces Browser to Save Your Passwords
posted Sunday Oct 10, 2010 by Nicholas DiMeo
If you needed yet another reason to switch from Firefox, I have one. A recent Trojan virus on Mozilla's browser forces Firefox to save user passwords and then use them to open a new user account on the computer that is infected.
As you should already know, most security advisors and people with common sense tell you to never have Firefox store your passwords since their security to protect them can easily be broken by simple malware.
For more on the recent Trojan, hit the break.
Security company Webroot posted in a blog this week about what the virus is and what it can do to your computer.
Before the infection, a default installation of Firefox 3.6.10 would prompt the user after the user clicks the Log In button on a Web page, asking whether he or she wants to save the password. After the infection, the browser simply saves all login credentials locally, and doesn't prompt the user.
The virus then creates a new account on the computer named "Maestro", stores all the passwords onto a local file, and then tries to send them out to a server, once per minute.
The good news is that the Web domain specified to receive this data has already been shut down and the code inside the malware was opened to show the author's name and email address. That information had led Webroot to a Facebook page of a hacker in Iran who makes keyloggers for Windows.
Also, Webroot has been able to easily remove and identify the Trojan from any infected machine. To fix this problem, Webroot advises Firefox users to install the latest Firefox installer and overwrite the existing version. We advise you to use a big boy browser like Internet Explorer 8, regarding of its dwindling marketshare. If you choose to stay with Firefox, be sure to tell it to NOT remember your passwords. Go to Tools and select Options, then under the Security tab uncheck the box.
