Mon 12 May 2008

Edited by Paul Hales

Published by Incisive Media Investments Ltd.

Firefox fights Trojan

Rogue code went out with language pack

THE MOZZARELLA Foundation has admitted that language packs for its Open Sauce Firefox browser shipped with a particularly nasty bit of malware.

The Trojan had infected a Korean language pack and had sat on the Firebadger add-on page for months before it was spotted by a bloke called Hai-Nam Nguyen. Firefox pulled the file the same day.

Since the virus was unknown at the time, it passed Mozilla's testing of add-ons and, according to Wired, 16,667 people had downloaded the add-on since November 2007. While this may not seem like a lot of people in the scheme of things, it would give a huge start to the development and replication of malware.

A big cheese in the Mozzarella Foundation has said that, as a result of the case, it is rescanning all files every time a new signature comes out.

The bloke who wrote the add-ons has been cleared of intentionally booby-trapping the file, but had his own system infected.

The Trojan inserted a script that displays banner ads into any HTML file on his system, which included the help files for the language pack. µ

L'Inq
Wired

Comments

Proof yet again.

Firefox Extensions are bad, and compromise security.

If you want to stay secure, your ONLY option is to use Opera (which also happens to be the fastest and most functional out of the box too, which is nice..)
posted by : Mark, 09 May 2008

What banner

1700 people got it, it makes banner ads, nobody noticed, I guess that's a testament to the market-penetration of adblock then?
posted by : W.-, 09 May 2008

Not Korean.

The language pack was for Vietnamese.

And who knew there were enough Opera users to produce zealots?
posted by : Fredrik, 09 May 2008

Tip of the Hat

The most important text in the article is that Mozilla pulled the update the exact same day the issue was spotted. Were it a Microsoft issue, we'd spend months getting an earful about how secure the system is and that the issue isn't really an issue at all. Mozilla was made aware of the problem and took immediate steps to resolve it, including a policy change which will mean they continually scan released patches for vulnerabilities in light of new data. I wish Mozilla would build an OS.
posted by : Phoenix, 09 May 2008

Proof yet again....again.

The more popular a browser becomes, the more it will be targeted by ne'er-do-wells.
posted by : pizzaman, 10 May 2008