● 04.26.10

●● Eye on Security: All Web Browsers Are Insecure… on Windows

Posted in Free/Libre Software, Microsoft, Security, Windows at 4:18 pm by Dr. Roy Schestowitz

A strong fortress won’t last on a puddle of mud

Summary: News from the past few days can suggest that Microsoft Windows — not the particular Web browser — in the main source of threat

• Malware masquerades as Google Chrome extension

A spam campaign is pushing malware disguised as a Google Chrome extension.[...]Rather than delivering the promised extension, the malicious page sends a program that modifies Windows’ Hosts file to redirect Google and Yahoo searches to a fake site that downloads other malware.

• Malware hides from search engines

Criminals are increasingly attempting to conceal malware embedded in hacked websites from search engines such as Yahoo! and Google. Their aim is to prevent browsers which use technology such as Google’s Safe Browsing API from sounding the alarm when a user visits a hacked website. Google’s Safe Browsing API allows client applications to query Google’s phishing and malware blacklist. Firefox and Google Chrome both make use of the API, which is based on Google searches of websites for suspicious code.

• Trojan poses as Google Chrome extension

• Bank Trojan Takes Aim at Firefox Users [Mozilla Firefox on top of Windows is not secure]

The company’s Flashlight and Rapport services detect the latest version of Zeus, however, and the company recently developed a hardened version of Mozilla for UK bank HSBC specifically to counter the threat of advanced banking Trojans such as Zeus.

• PC Owners Being Used as ‘Malware Mules’

Hackers are using unsuspecting web [Windows] users as ‘malware mules’ to infect other PC users with viruses, says Symantec.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.

Permalink  Send this to a friend

----------

➮ Sharing is caring. Content is available under CC-BY-SA.