The fake Trojan add-on Trojan is extremely dangerous
Security firm McAfee yesterday discovered a fake trojan as an add-on for the Firefox browser to break into users' systems.
Keylogg both mouse and keyboard
In fact, the FormSpy trojan is a keylogger that monitors all mouse and keyboard operations to steal users' personal information such as online bank account login information, links. URL in Firefox browser .
Not only is this trojan capable of stealing passwords from other applications such as ICQ, FTP, IMAP and POP3 email traffic, said security vendor McAfee. Any collected information will be sent to the attacker's IP address.
Extremely sophisticated
The trojan is part of a phishing campaign via email with electronic messages sent from the payment support office of global well-known retailer Wal-Mart, Craig Schmugar - a research expert of McAfee - said. " The emails sent in this phishing campaign contain an order number, so users can easily open those emails. If those emails are opened, the trojan will break into the system. and install two more of them - including a keylogger . "
However, the way the FormSpy trojan spreads and breaks into the system is also very different - this method can be said to be unique at this time, Schmugar said.
This trojan is fake as an additional application for open source Firefox browser. The fake FormSpy fact is the additional application Numberedlinks 0.9 - an additional application that allows users to access links by keyboard. FormSpy also uses some code of Numberedlinks to integrate fully into Firefox.
Typically, a Windows-based Firefox application often displays a dialog box that allows users to confirm whether or not to install. However, the FormSpy trojan skipped that step. This trojan overrides all the information on the Firefox folder without warning users. Users are infected without even knowing it is caused by an extra application. Even the Firefox browser confirms the application of this scam as a legitimate add-on and displays the list when accessing Tools | Extensions .
Supplement? Too unsafe
Additional Firefox applications have long been considered poorly secure, especially when they do not have digital authentication. FormSpy's forgery will once again revive this issue.
" The trojan used a mechanism to get its code into the browser ," Schmugar said. " Mozilla should consider more about the security of additional applications ."
Hoang Dung
- New variant Gozi Trojan raged again
- Apple fake Trojan sales announcement
- Code for creating dangerous trojans is being sold
- Appeared a fake Google Toolbar trojan
- 2007: Super sophisticated Trojan will be raging
- Trojan warning fake to sell products
- The most dangerous Trojan ever seen on Android
- Trojan forged Microsoft security warnings
- Appears a trojan ...
- Trojan - Pirates of the Caribbean
- How to identify fake gas, poor quality gas
- Dangerous Trojan attacks Yahoo Mail and Hotmail