![]() Some convenient web APIs like are also.Regularly check the addons you (or your users) have installed.Some malware authors don't seem to care at all to obfuscate their code.As aĬonsequence, a malicious ad tricked the user to install the The user complied - at least heĭeactivated AdBlock Plus on a few sites for some time. Started a campaign to deactivate the web ad-blocker to Seems to be this: Originally, only the legit AdBlock PlusĪddon was installed. I asked the owner of that Ubuntu machine if he had any idea how For example, to spy even more on the victim or make the In addition, theĪddon opens a backdoor to remotely inject iframes into each web Other shady malware data-collection servers. Profiles and URL parts are transferred to Google Analytics and Of personal information, such as all visited domains, history The malware, it constantly spies on the victim. Malicious malware pieces in a copy of the fine and legit uBlock Via the Mozilla addon repository and thus specifies a custom In our example, the malware wasn't installed Injection mechanism for controlling the victim's machine in aīotnet. Logs all key-strokes and provides an even more generic JavaScript One that captures complete URLs, spies on various access tokens, Of course, since Firefox auto-updates all addons by default,Įven when the addon wasn't installed from the official MozillaĪddon repository, the attacker can easily distribute justĪnother more evil version of its malware, anytime.
0 Comments
Leave a Reply. |