Security researchers at Trendmicro have discovered a spyware that is installing itself as an add-on in the popular web browser Firefox. The add-on, which is then listed in the Firefox add-on list, is named Adobe Flash Player 0.2. This add-on uses a description that links itself to Adobe Flash Player 10 which does look legit at first glance. Only the low version number and the fact that it is listed under extensions and not plugins could cause suspicion by Firefox users.
The spyware add-on itself is distributed through forums and websites but not the main Firefox add-on repository. Users are once again reminded to only install add-ons from trustworthy sources.
The spyware add-on injects ads into Google search results pages. More disturbing than that is the fact that the Google search history gets transferred to a third party website that is (most likely) run by the developers of the spyware add-on. This means that every Google search query is transferred to the third party server.
Trendmicro suspects a change in criminal behavior. The web browser that was targeted the most in past years was Microsoft’s Internet Explorer. The user increases of Firefox makes it the second most popular web browser after Internet Explorer and some spyware developers might have decided that the critical mass is large enough to develop spyware for that web browser as well. Via Trendmicro, thanks Jojo for the news.
Read Related Posts
-
Adobe Reader, Acrobat and Flash Player Zero Day Vulnerability
-
Adobe Flash Player Clickjacking Vulnerability
-
Manage Flash Cookies with Better Privacy
-
Mozilla Checks Flash Version After Firefox Updates
-
Adobe Releases Flash 10.1 and Air 2.0 Previews
-
Adobe Flash Security Scan
-
Democracy Player
-
Run Multiple Anti-Spyware Tools With Hitman Pro
7 Responses to “Firefox Spyware Add-On Adobe Flash Player 0.2”
Trackbacks/Pingbacks
-
[...] un browser utilizzato quasi alla pari con Internet Explorer, dovremo fare molta piĆ¹ attenzione. (via) Tweet This!Share this on FacebookShare this on FriendFeedStumble upon something good? Share it [...]
-
[...] SOURCE Share and Enjoy: [...]
-
[...] Via | gHacks [...]
And THIS is why Opera is refusing to open up for extension!!
@ Steinsk — and Fx too… with 4s delay to install it or cancel… of course if you know what are you installing…
and firstly Opera didnt have extensions… ;)
So who is collecting the search results? Can we trace it back to an author so the authorities can press criminal charges? Will Mozilla blacklist this extension (via checksum) so it CAN’T be installed? What can we do?
Probably using a hacked server for that purpose.