Peaches Posted October 9, 2010 Report Share Posted October 9, 2010 Trojan Patches Firefox File to Steal Passwords Security researchers from antivirus vendor Webroot have identified an information stealing trojan, which modifies a Firefox file, so that the browser is forced to store passwords automatically.The threat is detected by Webroot as Trojan-PWS-Nslogm and is capable of stealing usernames and passwords stored by both Internet Explorer and Firefox browsers. By default, whenever Firefox detects that login credentials are submitted through a Web form, it offers to remember them for future use.When this happens, the user is presented with several options which include "Remember", "Never for This Site" or "Not Now". If they choose remember, the browser stores the username and password in a local database.Since it's easier to steal credentials from this database instead of injecting the browser process and grabbing them as they are submitted, the author of this trojan thought it would make more sense to have Firefox remember all passwords without asking users for confirmation. Further details here: http://news.softpedia.com/news/Trojan-Patches-Firefox-File-to-Steal-Passwords-159940.shtml Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.