Firefox Scam Tricks Users into Downloading Trojan
Posted by: Timothy Weaver on 05/26/2017 02:17 PM
[
Comments
]
Security company Proofpoint is warning Firefox users of a malicious scam that has been re-designed to target Mozilla Firefox users with a banking trojan.
Originally targeting Google Chrome users as "The 'HoeflerText' font wasn't found," scam, the lame authors didn't bother to change the name of the font.
If you land on a site with jumbled text, you may see a pop up asking you to update your "Mozilla Font Pack." If you fall for the scam and download the "font", you will actually get a ZIP file (Mozilla_Font_v7.87.zip), which contains a JavaScript file. You will then get instructions on how to install the "font".
If you run the instructions, you will be infected with the Zeus Panda banking Trojan. Once installed, it then connects to a command and control (C&C) server which will instruct the malware to send information on installed antivirus and firewall products.
Panda not only steals banking credentials but also bitcoin exchanges, payment card services and online payments providers, prepaid cards, airline loyalty programs and online betting accounts.
Firefox and Chrome users should be aware that both programs come with all the fonts you will ever need.
Source: The Hacker News
Originally targeting Google Chrome users as "The 'HoeflerText' font wasn't found," scam, the lame authors didn't bother to change the name of the font.If you land on a site with jumbled text, you may see a pop up asking you to update your "Mozilla Font Pack." If you fall for the scam and download the "font", you will actually get a ZIP file (Mozilla_Font_v7.87.zip), which contains a JavaScript file. You will then get instructions on how to install the "font".
If you run the instructions, you will be infected with the Zeus Panda banking Trojan. Once installed, it then connects to a command and control (C&C) server which will instruct the malware to send information on installed antivirus and firewall products.
Panda not only steals banking credentials but also bitcoin exchanges, payment card services and online payments providers, prepaid cards, airline loyalty programs and online betting accounts.
Firefox and Chrome users should be aware that both programs come with all the fonts you will ever need.
Source: The Hacker News
Comments
