Got this e-mailed in from a reader, so wanted to spread the word. Can never be too careful these days.
BitDefender has identified this new bit of holiday cheer as Trojan.PWS.ChromeInject.A” (the ChromeInject suffix refers to the Chrome component of Firefox). The trojan installs itself into Firefox’s add-on directory, registers itself as Greasemonkey, and begins searching your hard drive for passwords, login details, your World of WarCraft account information, and your library card number.
You can read more about the situation over at ars technica. The real Greasemonkey is still malware-free and is totally safe to use. This trojan in question isn’t even the Greasemonkey script. It just calls itself that to try to trick you down download it. This seems to be a pretty stupid move from the trojan writers though, due to the fact that Firefox users who use Greasemoney (I would say) have a little higher Internet intelligence than your average punch a monkey to win a iPod person.
Need Help? Be sure to check out the Beginner’s Guide to Greasemonkey!