Endpoint Protection

 View Only

Limited Firefox Zero-Day Attack in the Wild 

Oct 27, 2010 02:25 AM

Earlier today, Mozilla confirmed on its blog that an unpatched vulnerability exists in Firefox 3.5 and 3.6.

Unfortunately code exploiting the vulnerability is out in the wild. It has been reported that the website for the Nobel Peace Prize was compromised to host the exploit code. Symantec detects the malicious file that is dropped to the %Windir%\Temp folder when the exploit code is succesfully run as Backdoor.Belmoo. Funnily enough, the name of this file is "symantec.exe". The file attempts to connect to remote domains that are hosted in Taiwan and when successful, it opens a command shell to start a connection. This allows the attacker to send commands and pretty much perform anything on the compromised computer as if s/he is sitting in front of it.

We're currently investigating the vulnerability in depth in an attempt to create proactive detection for the vulnerability. Mozilla is also working on a patch and will be distributing it as soon as development and testing are complete. In the meantime, you can disable JavaScript in Firefox to protect yourself against the exploit.

Statistics
0 Favorited
0 Views
0 Files
0 Shares
0 Downloads

Tags and Keywords

Related Entries and Links

No Related Resource entered.