also @ TechSpot: IBM's Watson conquers Jeopardy, cancer and now customer service

Mozilla Firefox flaw exploited on Nobel Prize website

By Emil Protalinski

On October 27, 2010, 2:36 PM

Malicious hackers are exploiting a newly discovered vulnerability in Mozilla Firefox to launch drive-by download attacks, according to security software company Norman. The exploit, first discovered as being implemented on the Nobel Prize website, works on Firefox 3.5 and 3.6.

Firefox users who visited the website were silently infected with Belmoo, a Windows Trojan that gives the attacker complete control of the machine. Once successfully installed, the malware creates an executable in the Windowstemp directory and sets it to run on startup via the registry. It also attempts to connect to two Internet addresses, both which point to a server in Taiwan, through which someone can control the system.

Mozilla has acknowledged the problem and is investigating it further. "We have diagnosed the issue and are currently developing a fix, which will be pushed out to Firefox users as soon as the fix has been properly tested," the company stated. "The trojan was initially reported as live on the Nobel Peace Prize site, and that specific site is now being blocked by Firefox's built-in malware protection. However, the exploit code could still be live on other websites." In the interim, Firefox users have two workarounds available to them: disable Javascript and/or use NoScript.


,

27 comments

User Comments: 27

Got something to say? Post a comment
  1. October 31, 2010 8:56 AM
    pyari said:

    ie download-download-download-download - then - "error on install due to firefox running in another window"

    i really don't understand this line.

    Reply
  2. October 31, 2010 9:05 AM
    Leeky
    Leeky, TechSpot Moderator, said:

    Ha, someone might actually get offended by that comment!

    And really, many people rely on foreign and top level solutions. I know loads of people who use Tokelau-aliases for their websites. And Niue-servers to host them. To put it frankly, I'm offended by this comment. However I understand how you think, and it's perfectly fine wanting to increase one's security.

    But a solution like this would simply not work. Especially not if everyone started using Windows' and browser's which block foreign content. Multimillions of dollars will be lost if the world-wide-web stopped being world-wide. Foreign people would stop learning things from YouTube, foreign people would not be able to chat with friends on Skype, MSN or Facebook, foreign people would sieze developing. And no good can come of this, you know...

    Would be a bummer for me, I use co.uk, and .com addresses all the time.

    If my country blocked .com we'd lose half of our own countries websites - People here use .com as well as .co.uk, among other TLD's.

    Reply

Recently commented stories

Comments page: 1 2

Post a new comment

Social Login & Guest Posting TechSpot Members
Login here or sign up for free,
it takes about a minute.
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.
TechSpot on:

Most Popular

Trending Featured
More Trending Topics

Featured on Cameras

Downloads and Drivers

Downloads   Drivers  

IObit Malware Fighter 2.0

Instantbird 1.4

BitTorrent Sync 1.0.134

Spybot - Search & Destroy 2.1.19

Google Chrome for Windows 27.0.1453.93

More Downloads

Latest Discussion

How did my Windows key become disabled? 9 replies on Other Hardware

Facebook won't load 6 replies on Storage and Networking

For LinkedKube :) 16 replies on Overclocking, Cooling and Modding

First Build Problems 5 replies on Other Hardware

Graphics Card Question 7 replies on Audio and Video

More Recent Discussion

Subscribe to TechSpot

Get free exclusive content, learn about new features and breaking tech news.