A Trojan masquerading as a Mozilla Firefox plugin to steal online bank passwords has been found by Romanian security firm BitDefender.
Trojan.PWS.ChromeInject is intended to be delivered onto compromised computers by other malware. It then sits in Firefox's Plugin folder, running every time the browser is started.
Although BitDefender says the Tojan causes "very high" levels of damage, incidents are "very low".
Viorel Canja, head, anti-virus lab, BitDefender, says: "Users should be aware that without the appropriate security solution, the integrity of their systems is at an extremely high risk."