It's also seen its first serious malware (define) exploit.
An exploit named Infostealer.Snifula first came to the attention of virus detection labs late last month. It uses an exploit in the Firefox browser in the cross-platform component object models (XPCOMs). XPCOMs are used for developing the extensions that have made Firefox so popular in the first place.
According to the report on Symantec's Security Response site, a spam email with a ZIP file attachment has been spammed out across the Internet. If you were foolish enough to open the zip, a Trojan horse called Downloader.Traus would download and install Infostealer.Snifula on your computer.
Infostealer.Snifula would then capture contents of form submission events, whether it's your bank or a Yahoo login, and sends the information to a remote site.
Symantec (Quote, Chart) has Infostealer.Snifula listed as a low threat because only a handful of instances have been reported so far, said Dave Cole, director of Symentec's security response team. The impact of this threat worries him more.
"It really showcases how sophisticated and complex we're starting to see malware become for non-Microsoft technologies," he said. Most threats, particularly criminal ones, targeted Microsoft (Quote, Chart). After all, Internet Explorer had 90 percent of the browser market, so it made sense to target it, said Cole. Firefox's growing popularity seems to change that.
Because it uses the extensibility of Firefox, Cole said he's not sure much can be done to stop these kinds of exploits.
"We wouldn't want to throw the baby out with the bathwater. If they make an extra step in authentication, how much ease of use do you want to lose for a few threats? Given the small amount of threats, that might be a bit of an overreaction," he said.
This article was first published on InternetNews.com. To read the full article, click here.
Loading Comments...