In association with heise online

16 June 2006, 15:07

Firefox users in the crosshairs of the spyware scene

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The Internet Storm Center has a report about an e-mail being sent out as spam, mostly in Australia. It attempts to get recipients to visit a web site that exploits weak points in their browser. The interesting thing about it is that the obfuscated JavaScript code on the web site checks to see which browser is being used and presents an exploit for a hole in an older version of Mozilla/Firefox. The report does not explain what happens then, but experience tells us that spyware and adware is often installed by such sites without the consent of the user (also see Follow the Bouncing Malware).

For years, the adware & spyware scene has been exploiting holes in Internet Explorer by these means, but now Firefox users are apparently being targeted more and more as that browser becomes more commonly used. It is therefore all the more important that Firefox users get rid of older versions of their browser and install the latest one as quickly as possible. The NoScript add-on provides additional security by allowing you to switch off in general active content, such as JavaScript and Java, and only allow it for selected, trustworthy sites.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit