Re: Firefox Infects Vietnamese Users With Trojan Code

Thu, 8 May 2008 11:51:55 -0400
> Starting in mid-February, Vietnamese users of Mozilla's open source
> Firefox browser were at risk of infection from malicious Trojan Horse
> code seemingly accidentally embedded in a language pack available on its
> Add-ons site.

Yeah, gee, sorry, fellas. I didn't really mean to post that malicious
code so that I could infect and exploit your computer. It was an
accident! Honest!

Firefox Infects Vietnamese Users With Trojan Code
Thu, 08 May 2008 22:30:25 +100
http://blog.wired.com/27bstroke6/2008/05/firefox-infects.html

Firefox Infects Vietnamese Users With Trojan Code
By Ryan Singel | May 07, 2008 | 7:57:59 PM | Categories: Glitches and Bugs


Mozilla, the maker of the open source Firefox browser, is redoubling its 
efforts to check user-created add-ons for viruses and Trojans after it
discovered that a language pack on its official add-on page had been 
infected for months with rogue code, the organization reported Wednesday.

Starting in mid-February, Vietnamese users of Mozilla's open source
Firefox browser were at risk of infection from malicious Trojan Horse 
code seemingly accidentally embedded in a language pack available on its 
Add-ons site.

The virus's signature was unknown at the time, and thus passed Mozilla's 
testing of add-ons.

The glitch isn't the first time that seemingly trusted software included 
rogue code, but such occurrences are surprisingly rare given the amount
of open-source and shareware programs that net users install based on 
blind trust. That's not even mentioning the huge selection of pirated 
software available on file sharing networks that could easily be 
infected with malware.

In response to the later discovery of the latent Trojan code by 
anti-virus software, Mozilla pulled the language pack and announced it 
would begin scanning all add-ons whenever they update their virus 
signatures, not just when add-ons are originally posted, according to an
entry on the Mozilla security blog.

Mozilla had no exact statistics on the number of users who had installed 
the infected Vietnamese language add-on since it was uploaded on 
February 18, but said that 16,667 people had downloaded the add-on since 
November 2007.

On Tuesday, a user named Hai-Nam Nguyen reported that anti-virus 
programs detected the Xorer Trojan inside the add-on. Firefox admins 
quickly confirmed the presence of the Trojan's code and removed the file 
the same day.

Mozilla ran an anti-virus check on the most recent version in February 
when it was added to the official Firefox add-ons site, but the Trojan's 
virus signature was not known until April.

The add-on's author is not suspected of intentionally booby-trapping the 
file, but instead had his own system infected. That Trojan inserted a 
banner-ad displaying script into any HTML file on his system, which
included the help files for the language pack.

That meant that anyone installing the language pack would have malicious 
ad-displaying code inside their browser -- which could be used for other
exploits.

The Vietnamese language pack has been pulled until a clean replacement 