Jump to content

Mozilla Disables Fake Firefox Add-on Used by Botnet


Matsuda

Recommended Posts

sshot_1.png


On Monday, Brian Krebs revealed the existence of a botnet called Advanced Power. The threat relies on a rogue version of the Microsoft .NET Framework Assistant Firefox add-on to hijack computers and turn them into zombies that probe websites for SQL Injection vulnerabilities.

Shortly after, Mozilla announced that it had blocked the fake Microsoft .NET Framework Assistant add-on in order to protect users. The malicious component is disabled automatically, so users don’t need to take any action.

“We have disabled the fraudulent ‘Microsoft .NET Framework Assistant’ add-on used by ‘Advanced Power’ as part of its attack,” a Mozilla spokesman told Softpedia in a mailed statement.

“You should always be careful with anything you download. It’s a good idea to use many layers of protection, including antivirus software to stop malware.”

Brian Krebs reports that the botnet has already infected over 12,500 computers. The cybercriminals are using the malware to monitor all the webpages visited by the owners of infected devices in an effort to identify SQL Injection vulnerabilities.

They can later exploit the security holes for drive-by download attacks and to retrieve information from the sites’ databases. At least 1,800 users have already been infected. It’s uncertain at this point how the malware is being distributed.

There are several possibilities. It could be bundled with software served on various websites. The cybercriminals might also be using a malicious site that instructs potential victims to install a software component – in this case, the rogue add-on – in order to view a video or gain access to some content.

In any case, experts say the approach used by the attackers is “deep and innovative.”




search_button.gifSource

Edited by Matsuda
Link to comment
Share on other sites


  • Views 1k
  • Created
  • Last Reply

Top Posters In This Topic

  • Matsuda

    1

Popular Days

Top Posters In This Topic

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...