Mozilla Firefox users are being targeted by a new Trojan that steals online banking passwords.

According to security researchers at BitDefender, Trojan.PWS.ChromeInject.A identifies banking and money transfer websites such as Barclays and PayPal though JavaScript, and then collates the logins and passwords before forwarding them to server in Russia.

firefox_logo_100_sq The malware, which is being spread by drive-by downloads or by duping users into downloading it, is stored in the Firefox add-on folder and is registered as 'Greasemonkey', which are scripts that add extra functionality to Firefox. It starts working as soon as the browser is opened.

However, the malware is not being obtained from Mozilla's official Firefox add-on site and the software manufacturer ensures all new add-ons are scanned for threats before being published.

Viorel Canja, the head of BitDefender's lab, explained that Firefox's increasing market share may be one reason why malware authors are targeting the browser.

Canja urged Firefox users worried about the Trojan to only download signed, verified software.

isit Security Advisor for the latest internet threat news, FREE net threat email newsletters, and internet security products

Visit Broadband Advisor for the latest internet news, reviews, tips & tricks - and to take advantage of PC Advisor's unique, independent Broadband Speed Tester