On 2008-12-16, Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx> wrote:
>
> ____/ nessuno@xxxxxxxxxxxxxxxxxxx on Monday 15 December 2008 22:54 : \____
>
>>
>>
>> <Quote>
>> Virus writers have latched onto the popularity of Firefox with a new
>> variant on the established practice of stealing online banking
>> passwords.
>>
>> A password pinching Trojan that poses as a Firefox Plugin is doing the
>> rounds... ChromeInject-A is typically downloaded onto Windows PCs
>> already compromised by other strains of malware.
>>
>> Once installed, the Trojan sits in Firefox's Plugin folder, activating
>> every time the popular browser is started. The backdoor code looks for
>> data exchanged between a compromised machine and a list of pre-
>> programmed banking sites in Europe, Australia and the US.
>> </Quote>
>>
>> I posted this several days ago, but forgot the link:
>>
>> http://www.theregister.co.uk/2008/12/04/firefox_plug_in_trojan/
>>
>> Only works on Windows machines already compromised by worms or
>> viruses.
>
> Ahh... that would be 4 out of 10 Windows boxes.
This is a problem with the "plug-in" concept in general. If you
leave the system open to install new stuff like this then someone
is bound to exploit it for malware. I've long thought that the best
plug-ins and extensions should be vetted and bundled with the core
application. Then you could turn off the extension installer entirely.
[deletia]
--
Nothing quite gives you an understanding of mysql's |||
popularity as does an attempt to do some simple date / | \
manipulations in postgres.
Posted Via Usenet.com Premium Usenet Newsgroup Services
----------------------------------------------------------
http://www.usenet.com
|
|
