Viorel Canja - Director of BitDefender's lab - said the malware Trojan.PWS.ChromeInject.A is hidden in a folder containing additional applications for Firefox. Firefox runs, it runs. Also it will lie dormant in that folder.
This code uses Javascript code to identify more than 100 leading financial and money transfer websites in the world such as Barclays, Wachovia, Bank of America or PayPal . When discovering Firefox users are accessing these websites it will immediately collect their account information and transfer to a remote server of hackers.
Mr. Cania said that the malicious code was implanted on various malicious websites. When Firefox users access these websites it will immediately break into the system. After successfully breaking into it, it will automatically log in to Firefox system files called Greasemonkey - a collection of popular Firefox add-ons.
BitDefender also confirmed that the malware does not exist on the site that provides Firefox's official Firefox add-on applications. Recently, Mozilla has applied a lot of measures to enhance the security of this website especially after the Vietnamese language package problem for Firefox was found to contain malicious code.
Thoroughly investigating the fact that the language pack contains only some inappropriate HTML source code that may cause users to see unwanted ads. After this incident Mozilla conducted a scan to check all additional applications posted to its servers.
Security experts believe that today's Firefox has become one of the hackers' favorite targets, as the open source browser is becoming more and more popular.