Site Network: | | Jongsma & Jongsma

Innovation in Information Security

Coverage of important Information Security and Information Technology news and events from the research team at S?nnet Beskerming.

Username: | Password: Contact us to request an account

Nobel Peace Prize Site Hacked to Serve Firefox Attack

For many years, one of the arguments as to why the Windows platform was targeted so much by malware authors was due to its widespread popularity and market share. When the Internet gained widespread acceptance and use, many attacks against Microsoft's dominant Internet Explorer were explained using similar logic. Attacks that targeted other browsers would often also include an infection vector for Internet Explorer, to improve the chances of actually gaining infected users.

Taking this line of reasoning a step further, users of other internet browsers argue that by not using Internet Explorer, their Internet experience is inherently safer.

Just this past week an interesting variation to this situation has come to light, with an attack surfacing on the Nobel Peace Prize website that only targeted users of the Firefox browser. The attack was made using a very recently disclosed vulnerability and did not contain any infection vector targeting Internet Explorer users.

The malware installed by the attack gives the attacker control over the infected system to the same level as the infected user.

Until a patch can be applied, disabling JavaScript support prevents infection due to this vulnerability.

30 October 2010

Social bookmark this page at eKstreme.
Alternatively, Bookmark or Share via AddThis

Do you like how we cover Information Security news? How about checking out our company services, delivered the same way our news is.

Let our Free OS X Screen Saver deliver the latest security alerts and commentary to your desktop when you're not at your system.

Comments will soon be available for registered users.