Mozilla Firefox flaw exploited on Nobel Prize website

By Emil ยท 27 replies
Oct 27, 2010
Post New Reply
  1. Malicious hackers are exploiting a newly discovered vulnerability in Mozilla Firefox to launch drive-by download attacks, according to security software company Norman. The exploit, first discovered as being implemented on the Nobel Prize website, works on Firefox 3.5 and 3.6.

    Read the whole story
  2. nismo91

    nismo91 TS Evangelist Posts: 930   +33

    i think mozilla need to hurry up the final version of firefox 4.
  3. JMMD

    JMMD TechSpot Chancellor Posts: 854

    I use noscript and keep javascript disabled unless I have to use it. What I would really like is for Windows and Web browsers to block all servers from foreign domains (or specified top level domains) since a lot of these issues originate from non-US domains/networks.
  4. klepto12

    klepto12 TechSpot Paladin Posts: 1,115   +9

    man i love firefox about the only browser i use hope they fix it soon.
  5. Technochicken

    Technochicken TechSpot Paladin Posts: 729

    How does malware end up on the Nobel Prize website?
  6. Ahmed90

    Ahmed90 TS Enthusiast Posts: 99   +10

    bugs are every where and hackers will always find them and so far there is no full effective solution for all these Trojans, viruses, etc...

    looooool thats the most weird solution i ever heard
  7. neowing

    neowing TS Booster Posts: 295

    I want to know if this case effected in Dule boot with WinXP and Linux.
  8. JMMD

    JMMD TechSpot Chancellor Posts: 854

    Really? makes a lot of sense from a security standpoint. Let's say that 80% of malware being served on hacked websites is downloaded from a .ru , cn, pl, etc. domain/host.

    Wouldn't blocking all of those domains make sense? I have no need to ever access any top level domains from other countries. It's not going to stop everything but every bit helps.
  9. JMMD

    JMMD TechSpot Chancellor Posts: 854

    It all depends on which operating system you were using at the time. If you were in Linux then probably not.
  10. Ahmed90

    Ahmed90 TS Enthusiast Posts: 99   +10

    maybe you "have no need to ever access" these sites but many many many other people do need it

    maybe instead the internet main organizations should make some laws for local data-centers in these countries

    but blocking them nope it will never solve the issue thy can easily get a .com domain or even .us and use it with such a infected servers / web sites
  11. TomSEA

    TomSEA TechSpot Chancellor Posts: 2,718   +860

    Huh...what an odd website to drop a trojan on.
  12. frodough

    frodough TS Rookie Posts: 90

    wow that's like putting a spotlight on a perfect storm.. dont do it! it's a trap! im not a troll but this is how i felt after reading this.
  13. Some workarounds that are more than a quick fix and more universal in their prevention controls:
    1) Use antivirus software. This could have identified the trojan during or right after the download.
    2) Use software to stop apps from running. Some firewalls do this. With Windows, if User Account Control (UAC) is on, then UAC will prompt you. This could have stopped the trojan from changing the registry, connecting to a remote server...
    3) Use a firewall to control network connections. There are firewalls that can be configured to only allow outgoing connections you want and block the ones you don't want. This could have stopped the trojan from connecting to a remote server. They can also do the same for inbound connections, which could stop the remote server from making your computer a slave.
    4) And if the above is still not enough, use software that can block domains or IP addresses. This could have stopped outbound and inbound connections with a remote server.
  14. Firefox Version 3.6.12 is now available.
  15. klepto12

    klepto12 TechSpot Paladin Posts: 1,115   +9

    Seems they already posted the fix check it out.
  16. HaMsTeYr

    HaMsTeYr TS Guru Posts: 379   +6

    Congratulations, while visiting a nobel prize website, you got hacked. Indeed, what a strange place to put a trojan in... But maybe thats the thing, the least expected it is, the higher the chance of catching people of guard i suppose.
  17. Archean

    Archean TechSpot Paladin Posts: 5,690   +96

    Well, I am unsure, but just now there is a FF update to version 3.6.12; may be that has fixed it? I hope someone will confirm it.
  18. highlander84

    highlander84 TS Booster Posts: 108   +30

    Would been nice for Techspot to tell us what those IP's are if they knew. Then Id just block them from my router and even if I was infected they would not be able to gain control because id have the server blocked. I think if information like that was published people could better protect their self's.
  19. Lokalaskurar

    Lokalaskurar TS Enthusiast Posts: 544

    Ha, someone might actually get offended by that comment! :)

    And really, many people rely on foreign and top level solutions. I know loads of people who use Tokelau-aliases for their websites. And Niue-servers to host them. To put it frankly, I'm offended by this comment. However I understand how you think, and it's perfectly fine wanting to increase one's security.

    But a solution like this would simply not work. Especially not if everyone started using Windows' and browser's which block foreign content. Multimillions of dollars will be lost if the world-wide-web stopped being world-wide. Foreign people would stop learning things from YouTube, foreign people would not be able to chat with friends on Skype, MSN or Facebook, foreign people would sieze developing. And no good can come of this, you know...
  20. sMILEY4ever

    sMILEY4ever TS Booster Posts: 158

    Good thing I use Noscript and usually allow it to block stuff.
  21. Burty117

    Burty117 TechSpot Chancellor Posts: 3,147   +915

    If you do want to block TLD (Top Level Domains) Install DNSKong

    this will allow you to enter .ru for example and any DNS lookup for any .ru websites will get directed to your internal loopback address meaning it will go no were!

    Incase anyone wanted to know if it was possible....
  22. ucould2

    ucould2 TS Guru Posts: 271

    & five) clean out your Temp/folders oh I mean Ccleaner your temp/folders
  23. xcelofjkl

    xcelofjkl TS Rookie Posts: 86

    Seeing a trend? Google with their password hacking, Trojan affecting Mac and Win7, then this? We gotta be careful, we're being watched!
  24. pyari

    pyari TS Rookie Posts: 66

    this Q is always in my mind.why hackers, crackers always go one step ahead form developers? do the developers wanna that may be they wanna work to do?
  25. ucould2

    ucould2 TS Guru Posts: 271

    I still cannot get this to install yet ie download-download-download-download - then - "error on install due to firefox running in another window"......yes it's "autodownloading" -wtf...??

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...