funsec mailing list archives
Spyware writer endorses IE over Firefox, Opera
From: <rms () computerbytesman com>
Date: Mon, 17 Mar 2008 18:08:37 -0400
I was helping a friend today to clean up a spyware infection on his laptop. The spyware Trojan on his computer is implemented as an Internet Explorer BHO and it grabs usernames and passwords from login forms of online banking Web sites. I did some research on the Trojan and found that it also deletes key DLLs used by Firefox and Opera. At first, I was confused why. Then I realized the Trojan author only wants people to use Internet Explorer and not other browsers. It's probably too much effort to do a port his Trojan to Firefox and Opera, so he instead tries to force people to always use IE. I'm also scratching my head why BHOs in Internet Explorer aren't denied access to the DOM of a Web page which uses the https: protocol. Richard
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Spyware writer endorses IE over Firefox, Opera rms (Mar 17)