--
Graham Cluley at Sophos.com has provided a great article at his blog about BAD Add-Ons for Firefox. The most recent is nasty spyware, another is infected with a spyware Trojan horse, and the last has a potentially dangerous security hole that could lead to PWNing your machine:
Mozilla pulls password-sniffing Firefox add-on
All of these Firefox Add-Ons have been blocked from distribution by Mozilla. But if you happen to have them laying around or have installed them: Kill them.
Mozilla Sniffer: It has been available since June 6, 2010. It spies on Internet passwords you enter in Firefox and sends them to nefarious fiends.
Master Filer: The infected version has been available since earlier in 2010. It is infected with the LdPinch Trojan horse, which also steals your Internet passwords and sends them to nefarious fiends.
CoolPreviews: Versions 1.0 through 3.0.1 have a demonstrated security vulnerability that could allow run malicious code on your computer. (Sounds like a typical buffer overflow problem). Proof-of-concept code has been created that demonstrates how to perform the hack. Therefore, it is critical to update to the latest version of CoolPreviews.
There have been other BAD Add-Ons as well, all of which Mozilla have blocked from distribution.
As a side note:
This same sort of problem has been plaguing the Android community whereby anyone can post anything as an application, including crapware and malware. As with Mozilla, Google have no formal system for approving or filtering bad software apart from reports from users. Therefore, it is likely that a number of people are going to be victims of BAD software before it is removed from distribution.
To be honest, this lack of formal software scrutiny system is what we are all used to in the general computer community. The best workarounds have been the use of websites like MacUpdate, VersionTracker, TuCows, MajorGeeks, etc., where either the site managers or other users have tried and rated the software.
For better or worse, Apple now use a formal scrutiny system at their App Store for the iPhone, iPod Touch and iPad. If you download a CrapApp onto your iOS device, you can point fingers at Apple for messing up. Microsoft have had a copycat scrutiny system for their Zune thing app store and plan the same thing for their Windows Phone 7ista OS thingies. Meanwhile, for all other devices, it is that mean old adage: Caveat emptor, IOW Downloader Beware.
--
Popular Posts
-
This is very easy and simple method to trace phone number not only at India its at worldwide. This is possible due to service and applicatio... -
What is BackTrack 5 Backtrack is a very popular linux distribution for penetration testing. It has hundreds of tools for pentesting and ha... -
When creating a Facebook account, the system automatically assigns the user an identification number, known as the Facebook ID. Facebook al... -
This is Opera Mini Hanler v7.5 which is released for Android OS . With this hacked version, you can browse Internet for free with Airtel,Air... -
Media player without installation. Download Portable Winamp Full (14.5 MB) Download Portable Winamp Lite (8.1 MB) Extract and run Winamp...
-
.jpg)
You must have enjoyed YouTube videos on the official YouTube app on your Android device, but the downside with the app is slow buffering and... -
Ipadian iOS emulators for Windows allow you to run your favorite iOS apps on your Windows computer. Isn't cool to have your iPad apps ru... -
Professional photographer's essential toolbox without installation. English, German, Spanish, French, Italian, Japanese, Korean, Dutch,...
-
Viber Free Calls Viber Free Call and Text Messanging Service With Viber you can Create free call with other viber user.No more Balance cuts ... -
Facebook is our Social Life . Everybody want backup of your life so its not possible but backup of your FB Social Life is Possible. There a...
No comments:
Post a Comment