D&C GLug - Home Page

[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] Banking trojan targeting Linux

 

On 09/08/13 13:14, Martijn Grooten wrote:
> On Fri, 9 Aug 2013, Daniel Case wrote:
>> >Wasn't there an exploit found in the version of Firefox that Tor use
>> for their browser?
>>
>> An old version IIRC, and it's only if you have javascript enabled.
>
> Firefox 17, which is indeed an old version but it's what Firefox's
> Extended Support Release is based on. It's also what's being used in
> the Tor Browser Bundle, which is what
> was targeted here.
>
> And yes, the exploit required you to have JavaScript enabled.
>
> Martijn.
>
> PS listadmins - for the second time this morning I sent an email to
> the list from the incorrect From address. Apologies for that. I'll
> look into alpine using the correct from address automatically.
>

It was also only in the Windows version of Firefox ESR 17 (which has
been patched in both the Tor bundle and upstream), and only if you had
javascript enabled. Pretty nasty of the Feds though, if admittedly clever...

Regards

-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq