Spyware Takes Aim At Mozilla Browsers
MonsieurEvil
Join Date: 2002-01-22 Member: 4Members, Retired Developer, NS1 Playtester, Contributor
Join Date: 2002-01-22 Member: 4Members, Retired Developer, NS1 Playtester, Contributor
in Off-Topic
<a href='http://news.com.com/Spyware+takes+aim+at+Mozilla+browsers/2100-7349_3-5569635.html?part=rss&tag=5569635&subj=news.7349.5' target='_blank'>http://news.com.com/Spyware+takes+aim+at+M...ubj=news.7349.5</a>
<!--QuoteBegin--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> </td></tr><tr><td id='QUOTE'><!--QuoteEBegin-->Security experts are advising that spyware that targets browsers from the Mozilla Foundation has been spotted--a threat that could worsen as its Firefox browser takes market share from Microsoft.
Stu Sjouwerman, the founder of Sunbelt Software, said on Tuesday that the anti-spyware company has discovered what it believes is the first spyware to take aim at surfers using Mozilla browsers.
Richard Stiennon, vice president of threat research at Webroot Software, which also develops anti-spyware tools, said that the malicious software does not target Firefox specifically.
"According to my research team, this site does not target Firefox, but it does target Mozilla," Stiennon said. "(It's) only a matter of time now until a Firefox spy is discovered."
Although the spyware is only installed if users agree to download a certain file, many users are likely to click through, as the download's dialogue box gives no indication of the file's malicious payload, Sjouwerman said.
"It's done in a way that people might not recognize as a normal install, and will work in Firefox," Sjouwerman said. "It's not a full-fledged spyware attack yet, but it definitely shows where it's going."
Experts believe that Mozilla-based browsers such as Firefox have become a greater target for spyware as their market share has rapidly increased over the last six months--from 2.4 percent in May to 7.4 percent in November, according to Web traffic measurement company OneStat.com. Firefox has said that it is aiming for 10 percent of Web surfers by the end of 2005.
Writers of viruses and spyware for browsers have typically concentrated on Internet Explorer, because of its near-total market dominance. But that could be changing now that Firefox is making gains at the expense of Microsoft's browser.
Sjouwerman said that "stealth spyware" targeted at Firefox is "bound to happen" as hackers are currently working hard trying to find security holes in the open-source browser. "There's a small army of rogue programmers that are tearing Firefox apart," he said.
But Graham Cluley, a senior technology consultant at security company Sophos, said he is not sure what type of spyware will target Firefox.
"It's hard to predict precisely what form spyware for Firefox may take, as it will depend in part on what security flaws may be found in the Firefox code in the future, and how quickly the community responds to patch those vulnerabilities," Cluley said.
David McGuinness, a Mozilla contributor, said Firefox protects PC users by displaying a yellow information bar if a site that is not Update.mozilla.org tries to automatically install code. But he warned that it will be more difficult to protect systems against a stealth install.
"It all boils down to user education. People can install applications with variable amounts of effort from all browsers. It's the stealth attacks that are the problem, where people get infected without running anything themselves," McGuinness said.
Ingrid Marson of ZDNet UK reported from London.
<!--QuoteEnd--></td></tr></table><div class='postcolor'><!--QuoteEEnd-->
As always, downloading strange files is bad, no matter what your browser. BAD I SAY!!!
<!--QuoteBegin--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> </td></tr><tr><td id='QUOTE'><!--QuoteEBegin-->Security experts are advising that spyware that targets browsers from the Mozilla Foundation has been spotted--a threat that could worsen as its Firefox browser takes market share from Microsoft.
Stu Sjouwerman, the founder of Sunbelt Software, said on Tuesday that the anti-spyware company has discovered what it believes is the first spyware to take aim at surfers using Mozilla browsers.
Richard Stiennon, vice president of threat research at Webroot Software, which also develops anti-spyware tools, said that the malicious software does not target Firefox specifically.
"According to my research team, this site does not target Firefox, but it does target Mozilla," Stiennon said. "(It's) only a matter of time now until a Firefox spy is discovered."
Although the spyware is only installed if users agree to download a certain file, many users are likely to click through, as the download's dialogue box gives no indication of the file's malicious payload, Sjouwerman said.
"It's done in a way that people might not recognize as a normal install, and will work in Firefox," Sjouwerman said. "It's not a full-fledged spyware attack yet, but it definitely shows where it's going."
Experts believe that Mozilla-based browsers such as Firefox have become a greater target for spyware as their market share has rapidly increased over the last six months--from 2.4 percent in May to 7.4 percent in November, according to Web traffic measurement company OneStat.com. Firefox has said that it is aiming for 10 percent of Web surfers by the end of 2005.
Writers of viruses and spyware for browsers have typically concentrated on Internet Explorer, because of its near-total market dominance. But that could be changing now that Firefox is making gains at the expense of Microsoft's browser.
Sjouwerman said that "stealth spyware" targeted at Firefox is "bound to happen" as hackers are currently working hard trying to find security holes in the open-source browser. "There's a small army of rogue programmers that are tearing Firefox apart," he said.
But Graham Cluley, a senior technology consultant at security company Sophos, said he is not sure what type of spyware will target Firefox.
"It's hard to predict precisely what form spyware for Firefox may take, as it will depend in part on what security flaws may be found in the Firefox code in the future, and how quickly the community responds to patch those vulnerabilities," Cluley said.
David McGuinness, a Mozilla contributor, said Firefox protects PC users by displaying a yellow information bar if a site that is not Update.mozilla.org tries to automatically install code. But he warned that it will be more difficult to protect systems against a stealth install.
"It all boils down to user education. People can install applications with variable amounts of effort from all browsers. It's the stealth attacks that are the problem, where people get infected without running anything themselves," McGuinness said.
Ingrid Marson of ZDNet UK reported from London.
<!--QuoteEnd--></td></tr></table><div class='postcolor'><!--QuoteEEnd-->
As always, downloading strange files is bad, no matter what your browser. BAD I SAY!!!
Comments
Plus I like my plugins!
all you ff fanboys can look at this as a GOOD thing.
it showes that FF/Moz have finaly become real contenders!
<!--emo&:p--><img src='http://www.unknownworlds.com/forums/html/emoticons/tounge.gif' border='0' style='vertical-align:middle' alt='tounge.gif' /><!--endemo--> (yes I use FF)
I wonder if the msoft spyware thing will fight these (MonsE?)
Damn straight.
<!--QuoteBegin--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> </td></tr><tr><td id='QUOTE'><!--QuoteEBegin--> Yeah, you know what MS Spyware doesn't fight? That worm someone wrote that deletes the entire MS Anti Spyware folder. It's true!<!--QuoteEnd--></td></tr></table><div class='postcolor'><!--QuoteEEnd-->
If Im not mistaken, thats actually a tojan. Which means that a user would have to be terminally stupid to get infected with it. Not running strange programs you get in your e-mail is just one of those "duh!" security measures.
But still, only like 5% of the people out there right now use FireFox, and Internet Explorer still has the largest user base by an enormous jump. I don't think you should be worried about Spyware for FireFox as of yet.
If the user can't install software, then it could help against <i>some</i> spyware, methinks. Especially the kind that is packaged with other legitimate software and only mentioned in the EULA.
I run Windows, and I do not have spyware. Interesting...
I run Windows, and I do not have spyware. Interesting... <!--QuoteEnd--> </td></tr></table><div class='postcolor'> <!--QuoteEEnd-->
Same here, and I have nowhere near the leet windoze skillz MonsE has
I run Windows, and I do not have spyware. Interesting... <!--QuoteEnd--> </td></tr></table><div class='postcolor'> <!--QuoteEEnd-->
well yah, but don't they give you the special non broken version of windows for working for them?
(<!--emo&:p--><img src='http://www.unknownworlds.com/forums/html/emoticons/tounge.gif' border='0' style='vertical-align:middle' alt='tounge.gif' /><!--endemo-->)
and yah, a lettle bit of intelegence and you don't get spy ware (or virii)
After installing the MSoft spyware killer I havn't gotten anytihng (doubl checks with adaware and S&D)
I run Windows, and I do not have spyware. Interesting... <!--QuoteEnd--></td></tr></table><div class='postcolor'><!--QuoteEEnd-->
that's because it's scared of you
ps: GET TEH DEE ENN ESS MOVED OGMWTHJ00NUBZ ^^ (i kid ... do you know what's up with it? it seems that the SOA/NS records are all right but it's not resolving right ... meh, i'll check my end again)
edit: microsoft antispy works. it gets mage approval.
I run Windows, and I do not have spyware. Interesting... <!--QuoteEnd--> </td></tr></table><div class='postcolor'> <!--QuoteEEnd-->
Same, I haven't had a virus in nearly 2 years, and as for spyware, just tracking cookies Ad-Aware finds, and this "DXO" Exploit SpyBot finds. They don't seem to be doing anything harmful.
I got rid of FireFox anyway, I got sick of all my webpages loading really slow.
I got rid of FireFox anyway, I got sick of all my webpages loading really slow. <!--QuoteEnd--> </td></tr></table><div class='postcolor'> <!--QuoteEEnd-->
Just FYI - the DXO exploit is a bug with SS&D - there is nothing to be worried about. ^_^
Yes, I made that stat up on the spot.
I like Microsoft even more now <!--emo&:D--><img src='http://www.unknownworlds.com/forums/html/emoticons/biggrin-fix.gif' border='0' style='vertical-align:middle' alt='biggrin-fix.gif' /><!--endemo-->