Avast WEBforum

Other => General Topics => Topic started by: polonus on July 26, 2006, 01:25:31 PM

Title: Malware poses as Firefox extension
Post by: polonus on July 26, 2006, 01:25:31 PM

Hi malware fighters,

Malware fighters always been ingenious, but this topples it all. A firefox extension that is not a plug in but a malware trojan stealing all your privacy resources.
Read and be afraid:
http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=140256

My humble opinion, where is the FF or Flock certification system. Now they confonted with the lack of plug-in security. Their  only advise was One Password.

polonus

Title: Re: Malware poses as Firefox extension
Post by: bob3160 on July 26, 2006, 01:35:43 PM

Maybe I'm confused but why is this classified as a low security risk ?

Quote

Virus Profile: FormSpy
Risk Assessment   
  - Home Users: Low
  - Corporate Users: Low
Date Discovered: 7/25/2006
Date Added: 7/25/2006
Origin: N/A
Length: 42,496 bytes
Type: Trojan
SubType: Spyware
DAT Required: 4814

Title: Re: Malware poses as Firefox extension
Post by: DavidR on July 26, 2006, 03:16:34 PM

Quote

Discovered from the wild, this malware was downloaded and installed by the Downloader-AXM trojan.

So it pays to ensure your security tools are up to date and prevent the trojan downloader getting established in the first place. Also ensure you have good outbound firewall protection to at least alert you to any unauthorised outbound connection that the downloader may attempt if it does manage to get past your defences.

Title: Re: Malware poses as Firefox extension
Post by: polonus on July 26, 2006, 06:32:34 PM

Hi Bob3160,

This development had to be expected, when add-ons came in like AllPeers, see http://software.newsforge.com/software/06/06/20/1940233.shtml?tid=130&tid=13
which seem safe at first sight, but controversial at least in some respects.
So here it is the same old routine, download only from a reliable source, check and doublecheck, and everybody knows the old saying: "Curiosity killed the cat or your computer integrity in this case".
Therefore it is curious that youngster these days not even seem to care one bit or byte to  minimalize the risk of viruses and other malware, it is just part of the bargain they think, they reinstall easier as you can blink your eyes, while they don't think how they endanger the security of others during the process. Irresponsible behaviour or just plain stupidity, I don't know where this stems from.

polonus