Trojans taking advantage of Firefox save user passwords

TipsMake.com - The newly discovered Firefox Trojan shows the ability to force Firefox's browser to save user passwords, then they will use these passwords to create a new user account on the computer. has been infected.

Most security researchers recommend users not to save passwords on Firefox, because saving a password can easily attract malware.

Trojan-PWS-Nslog was discovered by Webroot , but it previously approached user preferences when it stopped working on Firefox code when they asked to confirm whether users wanted to save their passwords when They log in to a secure page.

On an article published last Wednesday, Webroot researcher Andrew Brandt explained: ' Before infection, the default installation of Firefox 3.6.10 prompted users after they clicked on. Log In button on a web page, asking if they want to save the login password. After infection, this browser simply saves all login information, and does not prompt the user '.

More specifically, the Trojan adds some code and notes to add other parts of the code from Firefox's file called nsLoginManagerPrompter.js , with the result that all passwords are saved without needing to work. action of the user.

Follow the trace

With the above information, the Trojan will create a new account under the name " Maestro " on the infected computer. It then searches for more information from the Registry, on the area called Protected Storage used to store IE passwords, and from Firefox's password storage area, and attempts to relay the information stolen every minute.

The website used to receive the stolen information is completely blocked, but the code inside the malware reveals the author's name and email address information. This information led Webroot to a hacker site in Iran, who provided a free Keylogger tool aimed at Microsoft Windows users.

Webroot can easily identify and remove Trojans from infected machines. To be able to fix the modified Firefox files, users should download the latest installation of Firefox and install them on the existing version. Brandt said that in this way, there will be no bookmarks or add-ons lost during the installation process.

How to help Firefox "forget"

According to Net Applications , Mozilla's Firefox browser currently ranks second in the web browser market share, with a 23% share in September. The first beta version of Firefox 4 for Android has also been released this week.

By default, Firefox will remember the user password. To remove this feature, go to the Tools menu and select Options . Here, open the Security tab and remove the check box in the corresponding box.