Malicious Firefox add-on steals banking passwords

Share

Firefox_logo.jpgYet another reason to be extremely vigilant when accessing financial web sites: researchers have discovered an add-on for Firefox which lies in wait for the user to log in to a banking or online payments site and then sends the username and password to a Russian site.

It’s a bit of a blow for those who have trumpeted how secure Firefox is, but of course we all know that no piece of software is completely secure.

Users who are careful and ensure that they only get software extensions from trusted sources should be pretty safe. The other method is to sacrifice the functionality that add-ons provide and use a plain installation of the web browser to bank online. Alternatively, at least for this particular piece of scumware, is to switch off JavaScript when accessing sensitive sites.

Firefox is an increasingly popular target for authors of malware, but there’s no real need to be alarmed. Running decent anti-virus software and keeping it up-to-date is the best way to stay secure.

(Via Macworld)

Related posts: Pirates of the Amazon Firefox extension | Firefox gets 20% market share

Andy Merrett