Rogue Botnet using victims computer, Internet browser to scan Vulnerable websites and inject malicious code blocked by Mozilla.

A new Botnet that affected over 12,500 system in just a few day, The Botnet which acted as a legitimate Firefox extension, once installed in victims system, used victims Internet browser to scan every single website surfed by the victim to find sql injection vulnerability.
If the attacker founds any vulnerable website on a weak server, he could inject the malicious code on the database and could be used to access the data from database, it was interesting to see that the Malware was able to steal data from victim’s computer. but it was not triggered to do so. 
It is still not known how the Malware was spread, it could be through software bundles, hacked website, or spam on social Networks.



Looking further into Botnet Administrative panel, The malware have affected 12,500 systems and have found more than 18,00 webs pages vulnerable to sql injection, said a report from krebson security 

Mozilla in a recent press release have confirmed they have blocked the rogue addon which used the Name as ‘Microsoft .NET Framework Extension’ By putting it into its block list. 

“Microsoft .NET Framework Assistant (malware) has been blocked for your protection,” the notice seen by the affected users said. 

Moreover They also said it is not any thing related with Microsoft but a fake Botnet. addon installed on any system will be automatically blocked and no longer usable.

Abhishek Kumar Jha
Abhishek Kumar Jha
Knowledge is Power

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Read More

Suggested Post