Alternative Browsers Now Getting Love…

Rogue AV pimps finally show love for alternative browsers. Mozilla Firefox, Google Chrome, and Apple Safari are beginning to see ad distributing malware that are disguised as legitimate antivirus programs with the look and feel of the browser itself.

A security researcher from Zscaler recently uncovered a campaign tailored to the browser that the intended victim is using. Those with Internet Explorer (IE) will see the same graphic depicting a Windows 7 security alert, but when a person is using Firefox, the image contains internal Firefox elements in the source code and also spoofs the security warning the browser shows when users attempt to navigate to an address known to be malicious, a senior security researcher at Zscaler said. When the intended target visits the page with Chrome, the ruse looks altogether different. The first screen shows a warning window bearing the browser’s distinctive logo and the words “Chrome Security has found critical process activity on your system and will perform fast scan of system files.” The user then sees what purports to be a Chrome window showing a virus scan. Safari is also spoofed, although with significantly less effort. The scan page defaults to the look and feel of IE. The ads are an attempt to trick visitors into believing they have infections that can be cured by the software being offered in the ad.
Source: http://www.theregister.co.uk/2011/03/02/rogue_av_mimics_firefox