Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Trojan Forces Firefox to Secretly Store Passwords

suraj.sun (1348507) writes | about 4 years ago

Firefox 1

suraj.sun (1348507) writes "A trojan recently analysed by Webroot is said to rely on retrieving web page passwords from a browser's password storage, rather than logging a user's keyboard inputs. To make sure it will find all the interesting passwords in Firefox, the malware, called PWS-Nslog, makes some changes to jog the browser's memory. A few manipulations in a JavaScript file prompt Firefox to store log-in information automatically and without requesting the user's consent.

The malware will, for instance, simply comment out Firefox's confirmation request in the nsLoginManagerPrompter.js file and add a line with automatic storage instructions. The H's associates at heise Security were able to reproduce the effect of the manipulations – manipulations which the malware author probably borrowed from a work around that has been in circulation since 2009.

The manipulation works on all platforms on which the Trojan has the rights to modify the nsLoginManagerPrompter.js file. In tests this worked on Windows XP, Windows 7 and Ubuntu 10.04.


Link to Original Source

cancel ×

1 comment

Sorry! There are no comments related to the filter you selected.

Questions (1)

MadTwit (1918654) | about 4 years ago | (#33876262)

Does the master password on firefox stop them from finding currently stored passwords? Also what use is forcing the browzer to store passwords, maybe logging onto malicious sites? Thanks
Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?