Jump to content

Firefox zero-day under attack at Nobel Prize site


nsane.forums

Recommended Posts

Malicious hackers are exploiting a zero-day vulnerability in Mozilla's Firefox browser to launch drive-by download attacks against visitors the Nobel Prize website. According to researchers at Norman ASA, Firefox users who surfed to the site were silently infected with Belmoo, a Windows Trojan that gives the attacker complete control of the machine.

The exploit was successful on Firefox versions 3.5 and 3.6, according to Norman.

Once a drive-by download is successful, Norman said the malware would then attempt to connect to two Internet addresses, both which point to a server in Taiwan.

Mozilla's security response team is investigating the issue, according to a spokesperson.

UPDATE:

Mozilla has now confirmed the zero-day nature of the vulnerability and in-the-wild exploits. The open-source group describes the issue as “critical” and confirms it affects fully patchedFirefox 3.5 and Firefox 3.6 users.

Users who visited an infected site could have been affected by the malware through the vulnerability. The trojan was initially reported as live on the Nobel Peace Prize site, and that specific site is now being blocked by Firefox’s built-in malware protection. However, the exploit code could still be live on other websites.

Mozilla said it has already diagnosed the issue and is currently developing a fix, which will be pushed out to Firefox users as soon as the fix has been properly tested.

The group urged its users to immediately:

view.gif View: Original Article

Link to comment
Share on other sites


  • Replies 2
  • Views 1.1k
  • Created
  • Last Reply

Mozilla developers are scrambling to fix a new Firefox browser bug being used by criminals to install malicious software on victims' computers.

The flaw was uncovered Tuesday by security vendor Norman, which said that it learned of the bug after analyzing attack code surreptitiously installed on the Nobel Peace Prize website. "If a user visited the Nobel Prize site while the attack was active early Tuesday using Firefox 3.5 or 3.6, the malware might be installed on the user's computer without warning," Norman said in a press release.

In a blog posting, Mozilla confirmed that the attack exploited a previously unpatched flaw, and said it had heard from "several security research firms" that this attack code has been used on the Internet.

"We have diagnosed the issue and are currently developing a fix, which will be pushed out to Firefox users as soon as the fix has been properly tested," Mozilla said in its blog post.

Mozilla said that the bug affects Firefox 3.5 and 3.6, but didn't say what operating systems are vulnerable. According to Norton, the attack seen on the Nobel Peace Prize website targets Windows. It installs a Trojan program that can then be used by attackers to download more malicious software and essentially take control of the victim's computer.

The attack does not appear to be widespread at this point.

Users who want to protect themselves against the attack can disable JavaScript in Firefox by locating the checkbox under the Tools drop-down menu in the Options Content tab. Users can instead install the NoScript add-on, Mozilla said.

view.gif View: Original Article

Link to comment
Share on other sites


Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...