Two-Timing Trojan Infects Internet Explorer, Firefox in One Swing

/ Source: SecurityNewsDaily

Firefox and Internet Explorer are equally susceptible to a new piece of malicious software making its evil way around the Web.

The computer virus touts itself as an important plug-in aimed at increasing the Web browsing experience of Internet Explorer (IE) users. But instead of helping its customers, the fake plugin is actually a Trojan that spies on and records the browsing habits of the IE users who mistakenly download it.

The security firm Bitdefender has identified the rogue IE plug-in as Trojan.Tracur.C, and says it is spreading by masking itself as an Adobe Flash Player upgrade.

This, unfortunately, is only half the problem — this malware is a package deal.

Trojan.Tracur doesn't only affect IE users; it also automatically drops a corrupt Firefox add-on, called Trojan.JS.Redirector.KY, that performs similarly suspicious and harmful functions on those browsing the Web with Mozilla Firefox.

The fake Firefox add-on is particularly dangerous because it records the information the victim types into any search engine, and then inserts malicious code into the top results. This cybercriminal tactic, called poisoned SEO, allows the malware authors to effectively hijack a user's Web browser and redirect it toward corrupt Web pages.

"By now, it should be a golden rule to stay away from software offered by non-official sites," Bitdefender wrote. "Double-check, or triple-check, the location's credibility before downloading a program, application or add-on."

Increase your safety by also running up-to-date anti-virus and anti-malware software on your system that can detect and eliminate these types of nasty threats.