A strong fortress won't last on a puddle of mud
A spam campaign is pushing malware disguised as a Google Chrome extension.
[...]
Rather than delivering the promised extension, the malicious page sends a program that modifies Windows' Hosts file to redirect Google and Yahoo searches to a fake site that downloads other malware.
Criminals are increasingly attempting to conceal malware embedded in hacked websites from search engines such as Yahoo! and Google. Their aim is to prevent browsers which use technology such as Google's Safe Browsing API from sounding the alarm when a user visits a hacked website. Google's Safe Browsing API allows client applications to query Google's phishing and malware blacklist. Firefox and Google Chrome both make use of the API, which is based on Google searches of websites for suspicious code.
The company's Flashlight and Rapport services detect the latest version of Zeus, however, and the company recently developed a hardened version of Mozilla for UK bank HSBC specifically to counter the threat of advanced banking Trojans such as Zeus.
Hackers are using unsuspectingweb[Windows] users as 'malware mules' to infect other PC users with viruses, says Symantec.
Comments
Yuhong Bao
2010-04-26 23:20:22
Dr. Roy Schestowitz
2010-04-26 23:24:10
Yuhong Bao
2010-04-26 23:39:50
Dr. Roy Schestowitz
2010-04-26 23:51:20
Yuhong Bao
2010-04-26 23:59:39
Jose_X
2010-04-27 00:09:57
I just don't see a file ending in .exe as likely being a problem on Linux. I don't know the details (nor care) nor know how Windows works, but ....
Dr. Roy Schestowitz
2010-04-27 00:13:23
if that's the case, then Chrome for Windows gets too much, privilege-wise.