Firefox 4 crack spreads trojan

Posted by   Virus Bulletin on   Aug 6, 2010

'Cracked' versions of free software used to spread malware

In a new malware campaign, users are told they can download a free crack of the Firefox 4 browser, only to find themselves infected with trojans.

The lure of 'free' has made many a user browse the more dodgy parts of the internet, where crooks are eagerly waiting to infect their computers with malware. Cracked versions of commercial software more often than not contain malware and in many cases not even the real software itself. Apart from legal and moral considerations, users should be wary that cracked software is likely to contain unwanted extras.

What makes this case interesting is that Firefox 4, the new version of the popular browser which was released as a beta last month, is available for free from Mozilla's website; downloading a crack is thus totally pointless. It is thus not surprising that it is dangerous too and researchers at Sunbelt found at least five different pieces of malware in the download.

More at Sunbelt's blog here with not-so-subtle comments from The Register here.

Posted on 06 August 2010 by Virus Bulletin

twitter.png
fb.png
linkedin.png
googleplus.png
reddit.png

 

Latest posts:

Advertisements on Blogspot sites lead to support scam

Support scam pop-ups presented through malicious advertisements show that, next to vulnerable end points, gullible users remain an easy source of money for online criminals.

To make Tor work better on the web, we need to be honest about it

Many websites put barriers in front of visitors who use the Tor network. If we want to make the web more accessible through Tor, we need to be honest about why this is done, rather than cry wolf about a dislike for privacy, Martijn Grooten says.

Paper: How It Works: Steganography Hides Malware in Image Files

A new paper by CYREN researcher Lordian Mosuela takes a close look at Gatak, or Stegoloader, a piece of malware that was discovered last year and that is controlled via malicious code embedded in a PNG image, a technique known as steganography.

Paying a malware ransom is bad, but telling people to never do it is unhelpful advice

The current ransomware plague is one of the worst threats the Internet has seen and it is unlikely to go away any time soon. But telling people to never pay the ransom is unhelpful advice.

VB2015 paper: VolatilityBot: Malicious Code Extraction Made by and for Security Researchers

In his VB2015 paper, Martin Korman presented his 'VolatilyBot' tool, which extracts malicious code from packed binaries, leveraging the functionality of the Volatility Framework.