Firefox fights Trojan
9 May 2008 | 08:31 BST
Rogue code went out with language pack
THE MOZZARELLA Foundation has admitted that language packs for its Open Sauce Firefox browser shipped with a particularly nasty bit of malware.
The Trojan had infected a Korean language pack and had sat on the Firebadger add-on page for months before it was spotted by a bloke called Hai-Nam Nguyen. Firefox pulled the file the same day.
Since the virus was unknown at the time, it passed Mozilla's testing of add-ons and, according to Wired, 16,667 people had downloaded the add-on since November 2007. While this may not seem like a lot of people in the scheme of things, it would give a huge start to the development and replication of malware.
A big cheese in the Mozzarella Foundation has said that, as a result of the case, it is rescanning all files every time a new signature comes out.
The bloke who wrote the add-ons has been cleared of intentionally booby-trapping the file, but had his own system infected.
The Trojan inserted a banner ad displaying script into any html file on his system, which included the help files for the language pack. µ
L'Inq
Wired
© 2007 Incisive Media Investments Ltd. 2007