Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

ALERT: Firefox 2 Vietnamese Language Pack infected by malware

May 7th 2008 in Uncategorized

Thanks to Susan for the heads up…

Cite:  http://blog.mozilla.com/security/2008/05/07/compromised-file-in-vietnamese-language-pack-for-firefox-2/

Cite:  https://bugzilla.mozilla.org/show_bug.cgi?id=432406

Anybody who downloaded and installed the Vietnamese language pack ***since 18 February*** will have got an infected copy.  Symptoms include the display of unwanted advertising.

Mozilla notes that because only “16,667 total downloads of the Vietnamese language pack since November 2007” they consider that the impact on users will be “limited” – well, it may be limited in Mozilla’s eyes, but I suspect that those affected will be less dismissive.

It is staggering that the infected file was in situ and being distributed for over two and a half months. It is also staggering that Mozilla seemingly did (does?) not complete regular scanning of their files to check for previously undetected malware – didn’t they realise that there is always a period of time between malware being released to the wild, and security products updating their products to add detection of new malware??  By not regularly re-scanning all files available for download they expose(d) their users to real risk.

The malware is named in the bugzilla thread as “HTML.Xorer”.

Advice is to disable the Vietnamese Language Pack.

Comments are closed.

I received an email alert overnight warning that photobucket is displaying malvertizements.
The problem we face in tracking down the reported malvertizements on photobucket.com is that the advertisements are country specific. 
This blog has readers all over the world – if anybody has seen something, please grab proof using Fiddler and let me know.

Previous Entry

Once again, communication and cooperation between anti-malvertizement activists around the world has resulted in success.
We have found the malicious malvertizements on photobucket.com – Kimberley has the details.
The incident has been reported to Photobucket.  The malvertizements themselves are not new.  Speedstick and TokyoDrift have been featured on this blog several times.  As noted by Kimberley, the […]

Next Entry