BitDefender researchers have discovered a new worm that only targets Firefox users. The worm is named Trojan.PWS.ChromeInject.A, it sits in Firefox's add-ons folder and is designed to steal password for more than 100 financial and money transfer sites. BitDefender says the worm tries to conceal its true identity by posing as "Greasemonkey", a popular Firefox add-on:
Firefox has been continually gaining market share against main competitor Internet Explorer since its debut four years ago, which may be one reason why malware authors are looking for new avenues to infect computers, Canja said.
Users could be infected with the Trojan either from a drive-by download, which can infect a PC by exploiting a vulnerability in a browser, or by being duped into downloading it, Canja said.
When it runs on a PC, it registers itself in Firefox's system files as "Greasemonkey," a well-known collection of scripts that add extra functionality to Web pages rendered by Firefox.