Virus Reporter - The Chromeinject Trojan is a fan of Firefox
Chromeinject.A Trojan attempts to collect and disclose banking information of Firefox users.
A Chromeinject.A Trojan specifically threatens the data of Mozilla Firefox users. The malware modifies certain files in your web browser. This allows you to continuously monitor the web pages displayed. If the user views a page where they can enter confidential information, they will collect login information. The Trojan is primarily activated when downloading banking websites. Chromeinject.A automatically uploads the collected valuable data to two predefined remote servers, exposing it to attackers.
When the Chromeinject.A Trojan starts, it performs the following actions:
- Create the following files in your Firefox directory:
plugins \\\ pbasic.dll
plugins \\\ pbasic.dll1
% Temp% \ [random filename] .tmp - Modify the following files to obtain confidential information:
chrome \ chrome \ content \ browser.js
chrome \ chrome \ content \ browser.xul
chrome \ browser.manifest - It attempts to collect bank login information when viewing predefined websites with Firefox.
- It uploads the collected data to two predefined remote servers.
