Mozilla Firefox browser is exploited
Security experts have discovered a vulnerability in the Mozilla Firefox browser, which can help attack browsers and track click tasks.
That's Infostealer.Snifula, a cross-platform component object model (XPCOMs), often used by developers to create extensions for the Firefox browser. It is this component that helps install malicious trojans that run while the computer starts up.
The installed Trojan will record the submit forms, including the password and the form information, and then send it to the remote attacker.
According to Symantec security engineer, Candid Wuest, the above exploit technique is often used to attack the Internet Explorer browser helper object (BHO), which has now moved to attack Mozilla (since March 2006). ). This method combines with JS.Ffsniff (written in Javascript) to attack the browser using the XPConnect Java interface, allowing direct access to XPCOM objects.
" When an infected computer sends a form to a website, JS.Ffsniff will steal all the information sent and then use XPCOM objects to send them to the specified e-mail address ," Wuest said. .
Wuest said that the attack will spread because Mozilla Firefox is quite popular. Wuest also recommends that users install patches for browsing.
- Mozilla tested the new Firefox browser
- Mozilla accelerates Firefox 3
- Mozilla patches Firefox
- Mozilla tested Firefox 3.0
- Google Browser Sync - sync Mozilla Firefox settings between multiple computers
- Mozilla recommends that users upgrade Firefox
- What's new in Firefox 1.5?
- Mozilla advertising for Firefox Video
- Mozilla launched Firefox 1.5.0.1
- Firefox 2.0 is delayed until October
- Mozilla launches Firefox 2.0 Beta 2 browser version
- Hackers can control computers through Firefox's add-on