Advanced Power’ Botnet Attempts to Attack Website Using Victim’s Machine
Security researcher Brian Krebs has discovered a new Botnet that tests websites for vulnerabilities using the infected machines.
The malware disguise itself as a legitimate Firefox add on called
“Microsoft .NET Framework Assistant” is apparently using the infected
machines to find SQL Injection vulnerability in any website visited by
the victim.
Once the malware determine the list of vulnerable website, the cyber criminals behind the botnet will be able to exploit the vulnerability to inject malicious codes in the websites. So, it will probably help the attacker to increase the number of infected websites and systems.
Once the malware determine the list of vulnerable website, the cyber criminals behind the botnet will be able to exploit the vulnerability to inject malicious codes in the websites. So, it will probably help the attacker to increase the number of infected websites and systems.
Advanced Power test SQL Injection vulnerability
The malware also capable of stealing sensitive
information. However, the feature is not appeared to be activated on
infected systems.
Researcher says more than 12,500 systems have been infected by this malware and helped to discover at least 1,800 web pages vulnerable to SQL Injection.
Update:
In an email, a Mozilla spokesperson told EHN that “they have disabled the fraudulent ‘Microsoft .NET Framework Assistant’ add-on used by ‘Advanced Power’ as part of its attack. You should always be careful with anything you download. It’s a good idea to use many layers of protection, including antivirus software to stop malware.”
