Malware Hits IE, then Attacks Firefox

Tuesday, September 27, 2011 @ 02:09 PM gHale


A new malware threat is out there that after it infects Internet Explorer, it then is able to introduce some spyware into Firefox.

This new virus is the Trojan.Tracur.C, according to Malware City, with the help of Bitdefender. When Internet Explorer users decide to update their Flash Player, the rogue plug-in compromises the browser and then infects Mozilla Firefox by adding a malicious add-on to it.

RELATED STORIES
New APT Attacks Hit Russia
Iran Creating Counter to Stuxnet
Malware Changes, Systems Need to, Also
Executive Fear: APT Attacks

Trojan.JS.Redirector.KY monitors all the web pages loaded in Mozilla’s browser. Once the unsuspecting user types the URL address of a search engine, such as Yahoo, Bing or Google, a piece of Java Script code injects into the resulting pages, making sure the first link points to a malware containing location.

From here on, the infection process continues, victims suffer attacks coming from all sorts of threats.

Trojan.Tracur.C affects Windows platforms and it runs automatically in an attempt to establish a communication channel with a remote server via HTTP, according to According to Sophos. It changes Internet Explorer settings by creating registries such as HKCR\.fsharproj, HKCR\Zghypcxhle, HKCU\Software\Zghypcxhle, HKCU\Software\Classes\Software\Zghypcxhle.

Trojan.JS.Redirector viruses operate by launching an SQL injection attack that inserts JavaScript into the HTML pages they target. They can also be in HTML-based email messages which embed the script or bad websites which redirect the user to unwanted locations.

To protect a computer from such infections, users should have a firewall enabled on the device which will filter out all the unwanted data coming from the Internet. Also make sure anti-virus is running and its virus definition database is up to date.



Leave a Reply

You must be logged in to post a comment.