Computer Crime Research Center


Firefox add-ons exploited by hackers

Date: May 31, 2007

Hackers can drop malicious code into systems running Mozilla's Firefox when the browser is armed with any of several high-profile add-ons, including Google Toolbar and Yahoo Toolbar, a researcher revealed today. Mozilla has acknowledged the risk posed by some extensions.

Christopher Soghoian, a Ph.D. student at Indiana University, outlined how "man-in-the-middle" attackers, especially on public wireless networks, could disguise malware as a Firefox extension and surreptitiously plant their code in lieu of a normal update to one of the vulnerable extensions.

The bulk of Firefox extensions -- small plug-ins that add features or functionality, and are almost universally created by volunteer developers or hobbyists -- are hosted and updated from Mozilla's own SSL-secured site, and are not vulnerable to this attack, Soghoian said. A number of broadly used third-party extensions, however, update from their own unsecured servers.
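A defender's audit of the update channel described above, as an added example that is not part of the original article: it reads an extension's install.rdf manifest and flags one that declares its own non-HTTPS update URL. The em:updateURL and em:updateKey manifest properties are not named in the article, and the extension IDs, hosts and manifests below are constructed samples.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

RDF = "{http://www.w3.org/1999/02/22-rdf-syntax-ns#}"
EM = "{http://www.mozilla.org/2004/em-rdf#}"

def manifest_node(root):
    """Find the Description that describes the extension itself."""
    for desc in root.iter(RDF + "Description"):
        if (desc.get("about") or desc.get(RDF + "about")) == "urn:mozilla:install-manifest":
            return desc
    raise ValueError("not an install manifest")

def em_value(node, name):
    """Read an em: property written as a child element or as an attribute."""
    child = node.find(EM + name)
    if child is not None and child.text and child.text.strip():
        return child.text.strip()
    return (node.get(EM + name) or "").strip() or None

def audit_manifest(xml_text):
    """Return (extension id, update-channel verdict) for one install.rdf."""
    node = manifest_node(ET.fromstring(xml_text))
    ext_id = em_value(node, "id") or "(no id)"
    url = em_value(node, "updateURL")
    if url is None:
        return ext_id, "default"    # no custom URL: browser's default update service
    if urlparse(url).scheme.lower() == "https":
        return ext_id, "https"      # custom server, but TLS-protected
    if em_value(node, "updateKey"):
        return ext_id, "signed"     # plain HTTP, but the update manifest must be signed
    return ext_id, "insecure"       # plain HTTP, nothing authenticates the update

# Constructed sample manifests (IDs and hosts are made up).
def sample(body):
    return ('<RDF xmlns="http://www.w3.org/1999/02/22-rdf-syntax-ns#" '
            'xmlns:em="http://www.mozilla.org/2004/em-rdf#">'
            '<Description about="urn:mozilla:install-manifest">' + body +
            '</Description></RDF>')

SAMPLES = [
    sample("<em:id>hosted@example.invalid</em:id>"),
    sample("<em:id>toolbar@example.invalid</em:id>"
           "<em:updateURL>http://updates.example.invalid/update.rdf</em:updateURL>"),
    sample("<em:id>tls@example.invalid</em:id>"
           "<em:updateURL>https://updates.example.invalid/update.rdf</em:updateURL>"),
]

if __name__ == "__main__":
    for text in SAMPLES:
        print(audit_manifest(text))
```

Only the "insecure" verdict corresponds to the exposure the article describes: an extension that fetches updates from its own server over plain HTTP with nothing to authenticate the response.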