Beware of free plug-ins

Do you like e-books? Free ones? They’re easy to find: e-books are often uploaded to public servers such as rapdishare, megaupload and others. Anyone who finds the link can download books from such websites for free.

Is is safe? Well – judge for yourself. Just the other day I found a browser plug-in on BitRoad dot net that people can download and use as a tool to download e-books. The plug-in is browser independent and attacks both IE and Firefox.

And yes…it was malware – AdWare.Win32.Kitsune.f. I checked for detection on Virus Total and the results were not great – 9/32 (26.13%).

And this is just one incident. In reality, this occurs every day. Plug-ins on any open freeware website can be malicious – there are no guarantees and obligations, after all. So…stay safe and surf cautiously. As ever.

Beware of free plug-ins

Your email address will not be published. Required fields are marked *



APT trends report Q3 2022

This is our latest summary of advanced persistent threat (APT) activities, focusing on events that we observed during Q3 2022.

APT10: Tracking down LODEINFO 2022, part I

The first part of this report will provide technical analysis of the new infection methods such as SFX files and DOWNIISSA, a new downloader shellcode used to deploy the LODEINFO backdoor.

Subscribe to our weekly e-mails

The hottest research right in your inbox