RealTime IT News

Firefox Is Doing So Well It's Now A Malware Target

You've come a long way, baby. Mozilla has arrived in a big way, with the 200 millionth download of the Firefox browser on Monday, less than two years after Firefox made its debut.

It's also seen its first serious malware  exploit.

An exploit named Infostealer.Snifula first came to the attention of virus detection labs late last month. It uses an exploit in the Firefox browser in the cross-platform component object models (XPCOMs). XPCOMs are used for developing the extensions that have made Firefox so popular in the first place.

According to the report on Symantec's Security Response site, a spam email with a ZIP file attachment has been spammed out across the Internet. If you were foolish enough to open the zip, a Trojan horse called Downloader.Traus would download and install Infostealer.Snifula on your computer.

Infostealer.Snifula would then capture contents of form submission events, whether it's your bank or a Yahoo login, and sends the information to a remote site.

Symantec  has Infostealer.Snifula listed as a low threat because only a handful of instances have been reported so far, said Dave Cole, director of Symentec's security response team. The impact of this threat worries him more.

"It really showcases how sophisticated and complex we're starting to see malware become for non-Microsoft technologies," he said. Most threats, particularly criminal ones, targeted Microsoft . After all, Internet Explorer had 90 percent of the browser market, so it made sense to target it, said Cole. Firefox's growing popularity seems to change that.

Because it uses the extensibility of Firefox, Cole said he's not sure much can be done to stop these kinds of exploits.

"We wouldn't want to throw the baby out with the bathwater. If they make an extra step in authentication, how much ease of use do you want to lose for a few threats? Given the small amount of threats, that might be a bit of an overreaction," he said.

Mike Schroepfer, vice president of engineering for The Mozilla Foundation, reiterated the need to be careful with attachments.

"While this malware is trying to mask itself by corrupting a Firefox installation, it is no different from any other malware that a user might be tricked into installing from a spam email or malicious website.

"We encourage people to be careful when installing software from unknown sources, especially files linked to or as attachments to emails," he said in a statement to internetnews.com.

Firefox has some clear momentum on its side. It has passed 15 percent usage in the United States, according to OneStat.com, a Web analytics firm. It's also doing well overseas. In Germany, it has 39 percent market share and in Australia it has 24 percent share.

Even more proof it has arrived: Microsoft will add Firefox 1.5 support to an upgrade to adCenter. The upgrade is planned for August 5.