Latest News

BitDefender Uncovers New Password Stealing Application

December 2008

A password stealing application, disguised as a Firefox Plugin, filters sent login credentials

BitDefender announced that a new type of password - stealing application disguised as a Mozilla Firefox Plugin has been detected in the wild. The e-threat, Trojan.PWS.ChromeInject.A, is downloaded to a Mozilla Firefox Plugin folder and is executed each time the user opens Firefox.

Trojan.PWS.ChromeInject.A filters data sent by the user to over 100 online banking websites. The banking websites include:,,,, and Users infected with Trojan.PWS.ChromeInject.A have their login credentials sent to a web address similar to [removed] Both the domain and the hosting server are located in Russia, which could indicate the origin of this e-threat.

Users should be aware of the risks they are facing if such confidential information is stolen, said Viorel Canja, head of BitDefender anti-virus lab.