Firefox a Growing Target for Hackers

Hackers made Firefox the latest subject of attack last week, utilizing software that could capture extremely sensitive information, including credit card numbers and passwords.

On July 25, Symantec (Nasdaq: SYMC) Security Response detected Infostealer.Snifula, which downloads malicious Trojans onto a user's computer that can subsequently steal any information the user types into a form on the Web, according to Dave Cole, director of the Symantec Security Response group.

"That's the most robust, sophisticated, aggressive threat we've seen against Mozilla," Cole told LinuxInsider. Although only a "handful of people" were effected by this attack, it's an indication that hackers are starting to stretch beyond Microsoft's (Nasdaq: MSFT) Internet Explorer. A few months ago, hackers attacked Mozilla browsers with Javascript-based JS.Ffsniff, Cole said.

Firefox attempted to ease consumers' concerns.

"While this malware is trying to mask itself by corrupting a Firefox installation, it is no different from any other malware that a user might be tricked into installing from a spam email or malicious Web site," Mike Schroepfer, vice president of engineering for Mozilla, told LinuxInsider.

He encouraged consumers to be careful when installing software from unknown sources, especially files linked or attached to e-mails, and said the company will continue working closely with antivirus vendors.

No Safe Solution

"There was a great migration of people over to Firefox about two years ago, when people believed there were no vulnerabilities," Cole said. More attacks started taking place, however, especially during a roughly six-month period in 2005, when there were actually more attacks found on Firefox than on IE.

When Firefox first emerged, it was touted as being more secure than Microsoft's browser, but then the company needed to release more versions in response to security vulnerabilities, Amrit Williams, research director of information security and risk for Gartner (NYSE: IT), told LinuxInsider. When IE7 launches, much of the legacy code will be removed and organizations will need to have the right programs in place to patch any security holes.

"The major issue for an enterprise customer isn't a question of which is more secure, but it's a problem of compatibility," Williams said. "IE is so closely embedded into the Windows operating system that it's far easier for a hacker to take advantage of the integration."

Feeding Hackers' Hunger

Three factors attract hackers to various technologies: claims of increased security, increasing visibility and penetration in the market, and corporate adoption, Williams said. As Firefox begins to gain market share, it is likely to become more appealing to cyber-criminals.

"I wouldn't call this an epidemic, but we [have] started to see some threats emerge that target Mozilla," Cole said. "It's just like the rest of the software out there -- if you beat at it long enough, some of the vulnerabilities will fall out."

For now, the company might have time to bake security into its products. "Hackers are motivated primarily by monetary drivers, and when you're doing that you play with the numbers -- and the numbers are still very much in favor of IE," Cole said.

Still, Firefox needs to prepare for the unknown. "You can have a lot of foresight and do as much preparation as possible, but part of the measurement is how you respond when someone throws you a curveball," he said.

Self-Protection

"No one should come away from this thinking we're under assault, but the same kind of due-diligence and Internet street smarts are necessary on Mozilla [as on IE]," Cole continued. "If you see an update, take it, it's probably there for a reason. Be safe. Don't go to the bad neighborhoods, and watch where you put your mouse."

Consumers need to stop being naive and realize they are not immune from attack. They must constantly upgrade and clean their systems, and keep their firewalls and antivirus software up to date. They should be conscious of the fact that when their machines are crawling along, suspicious behavior may be taking place behind the scenes.

"There's no such thing as absolute security anymore. There's an automation of crime. People are developing malware that's going to look for vulnerabilities," Carol Baroudi, partner at research and consulting firm Hurwitz & Associates, told LinuxInsider. "I'm not saying be abstinent on the Internet, but surf safely."