Wednesday February 10, 2010 1:57 AM AEST

SC Magazine Australia/NZ > News > Vulnerabilities & Exploits > Application Flaws > Mozilla confirms trojan-infected Firefox add-ons

Vulnerability Alerts

SANS

Infocon: green
Oracle has an unscheduled security alert and patch for CVE-2010-0073. The issue affects WebLogic Server and is remotely exploitable. Details and patch are here http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0073.html, (Tue, Feb 9th)

Microsoft

Microsoft Security Bulletin Advance Notification for February 2010
Microsoft Security Advisory (980088): Vulnerability in Internet Explorer Could Allow Information Disclosure

CERT/CC

Latest Comments

"I too have been a labor voter for many years and will not be voting for them again. The ..."

on Net filter legislation to go public by March

by maxt | Feb 9, 2010 7:56 PM

"I’ve just had a user receive a rehashed version of this with an attached html file containing a ..."

on ATO struck by new phishing scam

by Owen Lutz | Feb 9, 2010 6:01 PM

"hi"

on Chinese hacker school shut down

by manish kumar | Feb 9, 2010 4:27 PM

"Hey 'hey con-roy' ... from Google Australia's head of policy Iarla Flynn"We don't believe that ..."

on Conroy meets with Google for YouTube filtering

by Keep it real | Feb 9, 2010 3:33 PM

"@penno Off-site storage is a good solution unless you have some decent backup software to ..."

on Opinion: My holiday tip - backup your data now

by Charmgene | Feb 9, 2010 2:36 PM

Application Flaws

Mozilla confirms trojan-infected Firefox add-ons

Browser firm admits failing to spot malware.

Mozilla has admitted in a security notice that two experimental add-ons for its Firefox browser contain Trojans that affect Windows machines.

The firm has since removed the add-ons from its official pages, but estimates that around 5,000 instances have already been downloaded.

"Two experimental add-ons, Version 4.0 of Sothink Web Video Downloader and all versions of Master Filer, were found to contain Trojan code aimed at Windows users," said the company in a statement.

"Version 4.0 of Sothink Web Video Downloader contained Win32.LdPinch.gen, and Master Filer contained Win32.Bifrose.32.Bifrose Trojan. Both add-ons have been disabled on Add-Ons for Firefox."

Mozilla warned that users who have already downloaded the add-ons will become infected.

Simply installing the add-ons will execute the Trojan the next time Firefox starts, while uninstalling them will not eradicate the problem. The company advised the use of an anti-virus program to remove the malware.

Mac and Linux users are not affected.

Ads by Google

Thoughts on this article? Add a comment below.

Be the first to comment on this article.

Report this comment as offensive:

* Indicates information we require to process your submission.

Name: *
Email: *
Reason for offense: *
Your report will not be displayed.

Name:

Email:

(will not be displayed)

Comment:

(HTML not permitted)

Validation

Enter the code you see below:

Most Read
Most Discussed
Latest News

Vulnerabilities & Exploits Whitepapers

Mozilla confirms trojan-infected Firefox add-ons

SC MAGAZINE SITEMAP

CATEGORIES

News

Alerts

Products

Stats

Blogs

Photo Galleries

Whitepapers

Events

Jobs

Downloads

Vulnerabilities & Exploits

Breaches & Exposures

Messaging

Mobile

Access Control

Biometrics & Forensics

Legal

Risk Management

Job Centre

Patch Management