Nobel Peace Prize Site Hacked to Serve Firefox Attack
For many years, one of the arguments as to why the Windows platform was targeted so much by malware authors was due to its widespread popularity and market share. When the Internet gained widespread acceptance and use, many attacks against Microsoft's dominant Internet Explorer were explained using similar logic. Attacks that targeted other browsers would often also include an infection vector for Internet Explorer, to improve the chances of actually gaining infected users.
Taking this line of reasoning a step further, users of other internet browsers argue that by not using Internet Explorer, their Internet experience is inherently safer.
Just this past week an interesting variation to this situation has come to light, with an attack surfacing on the Nobel Peace Prize website that only targeted users of the Firefox browser. The attack was made using a very recently disclosed vulnerability and did not contain any infection vector targeting Internet Explorer users.
The malware installed by the attack gives the attacker control over the infected system to the same level as the infected user.
Until a patch can be applied, disabling JavaScript support prevents infection due to this vulnerability.
30 October 2010
Social bookmark this page at eKstreme.
Alternatively, Bookmark or Share via AddThis
Do you like how we cover Information Security news? How about checking out our company services, delivered the same way our news is.
Let our Free OS X Screen Saver deliver the latest security alerts and commentary to your desktop when you're not at your system.
Comments will soon be available for registered users.
Subscribe to our feed.