Trojan disguised as a Firefox plugin (password stealing app)

Posted by

Recently, BitDefender has warned users from it’s site about a new Trojan that steals passwords of all kinds, based mainly on key banking. This Trojan poses as a Firefox extension, so the user does not get warned about it easily by their Antivirus or Internet Security Software’s.

This threat has been named as’ Trojan.PWS.ChromeInkect.A ‘, which is executed each time when the user opens Firefox Web browser.

Trojan.PWS.ChromeInject.A filters data sent by the user to over 100 online banking websites. The banking websites include:,,,, and

Once it detects that the user has entered the data (like passwords or login information) in above listed sites, then Trojan.PWS.ChromeInject.A will send data, including the password to a remote server located in Russia, which could indicate the source of this threat.

“Users should be aware of the risks they are facing if such confidential information is stolen,” said Viorel Canja, head of BitDefender anti-virus lab.

Via : BitDefender Uncovers New Password Stealing Application