Viruses/Worms News

Add-ons for Mozilla Firefox could help to spread malware

Wednesday, November 25, 2009

Security researchers employed by Security Assessment say that Mozilla, the maker of the popular Firefox web browser, does an inadequate job of securing its software against malicious code in user-installed extensions.

A presentation slide from the talk given by Roberto Liverani and Nick Freeman at the DefCon hacker convention asserted that Firefox's security measures for extensions are "non-existent." Liverani and Freeman say that malware authors have already used the vulnerability to hijack browser sessions and compromise sensitive personal data, citing cases from as long ago as 2006, when the Formspy Trojan masqueraded as a legitimate Firefox add-on.

The researchers say that users are not used to thinking that Firefox extensions might be unsafe, since the browser itself has an excellent reputation for security. Open source software is frequently vulnerable to malicious exploitation, according to Liverani and Freeman, because the access to core functionality is so widespread and simple to research.

The techniques used to create malicious Firefox extensions are common ones in the world of malware, including the use of XSS hacks to spread malicious Javascript.ADNFCR-1765-ID-19479954-ADNFCR

Related News:

Age-old trick with brand-new target - 1.18.2010
Cyber criminals have turned to a scam from the early days of the internet to target the growing smartphone market: Trojan phone dialers.

Report: 'At least 34' firms attacked at the same time as Google - 1.15.2010
The Washington Post asserts that many U.S. companies were targeted in the same network security and email breach that affected Google and provoked the company's highly publicized spat with the Chinese government.

Gumblar botnet builder resurfaces with a vengeance - 1.7.2010
Though security researchers had believed it to be more or less dormant, the Gumblar malware came storming back into prominence at the turn of the decade, performing what Softpedia calls a "mass injection attack" on computers and websites around the world.

Symantec endpoint protection suffers from updating issue - 1.7.2010
As 2009 turned into 2010, users of Symantec's Endpoint Protection Manager ran into trouble with updates for the program, as any patches released after the end of 2009 were misidentified as being out-of-date.

Experts laud heuristic detection as necessary backup to signature-based solutions - 1.6.2010
Anti-virus programming experts say that behavioral or heuristic detection of malware will become increasingly important to safeguarding computer systems, as modern malware becomes more and more difficult to detect using traditional methods.
View Related Resources
Or
Watch an Online Demo
Or
Have us call you now