Firefox attacked

Glenn · Jan 31, 2010, 08:38:53

Firefox-based attack wreaks havoc on IRC users World's first inter-protocol exploit, but not the last

Underscoring a little-known web vulnerability, hackers are exploiting a weakness in the Mozilla Firefox browser to wreak havoc on Freenode and other networks that cater to users of internet relay chat.

Using a piece of javascript embedded into a web link, the hackers force users of the open-source browser to join IRC networks and flood channels with diatribes that include the same internet address. As IRC users with Firefox follow the link, their browsers are also forced to spam the channels, giving the attack a viral quality that has has caused major disruptions for almost a month.

http://www.theregister.co.uk/2010/01/30/firefox_interprotocol_attack/

Niall · Jan 31, 2010, 09:40:59

Well it just goes to show how little irc users know these days. When I was using that until about a year ago, pretty much everyone on the networks knew not to click links in irc chat unless it was obvious that it wasn't a virus link. This has been going on for years in irc channels.

Den · Jan 31, 2010, 10:25:22

If this was IE8 everyone would be shouting about how MS leaves loopholes and does not care

Glenn · Jan 31, 2010, 10:27:05

I use Firefox, IE8 & Safari, Den, so I normally stay quiet.

Den · Jan 31, 2010, 10:32:32

I'm using IE8 and Firefox but IE8 is proving so good I rarely use Firefox

mrapoc · Jan 31, 2010, 19:27:27

I think it boils down to the market share,

Most if not all browser based IRC activity is probably via firefox using some addon like chatzilla

I dont think IE8 could even do IRC so thats probably why firefox was concentrated on.

Bet they could even attack mac/safari users if there was enough point

saying that...what was the point in this attack..

Glenn · Jan 31, 2010, 19:30:46

Sending spam I think Sam

Gary · Jan 31, 2010, 20:11:35

Quote from: Den on Jan 31, 2010, 10:25:22
If this was IE8 everyone would be shouting about how MS leaves loopholes and does not care

If I had a £ for everytime you said that

All browsers have holes and get attacked, its just IE is one of the most widely used, and Microsoft are slow at patching compared with FF but then again MS have a lot more to patch. Horses for courses really Den, use what you like because that's the right thing to do.

psp83 · Feb 01, 2010, 17:32:02

All software has holes in. Even this forum has holes in. Even my own coding has flaws. Nothing is and never will be 100% secure.

Rik · Feb 01, 2010, 17:36:07

We like to think of them as ventilation, Paul.

Glenn · Feb 01, 2010, 17:38:15

My old tablet laptop is very secure, I don't turn it on

Rik · Feb 01, 2010, 17:39:42

I've got a machine like that.

Niall · Feb 01, 2010, 18:17:17

Quote from: psp83 on Feb 01, 2010, 17:32:02
Even my own coding has flaws.

You the worlds best programmer then?

psp83 · Feb 01, 2010, 21:05:35

Quote from: Niall on Feb 01, 2010, 18:17:17
You the worlds best programmer then?

I'm great, not the best thou