Trojan Analysis Leads To Russian Data Hoard
Stolen Identity writes "An attack by a single Trojan variant compromises thousands, circumvents SSL, and uploads the results to a Russian dropzone server. A unique blow-by-blow analysis reveals evidence of cooperation between groups of malware specialists acting as service providers and points to the future of malware's growing underground economy."
- Steals SSL data using advanced Winsock2 functionality
- State-of-the-art, modularized trojan code
- Spread through IE browser exploits
- etc
...
When I read the Slashdot summary, I was initially concerned that I may be at risk. But then I noticed the above three lines and realized there was no risk since I don't use IE. But, in the end, if this is an exploit utilizing the very basic network DLL that Windows provides for socket connections (Winsock2--which is what I assume all network applications eventually link against in Windows) then why aren't other browsers at risk?
I know Firefox is awesome & more secure & all that jazz but I haven't done enough network programming to know the nitty gritty details of it. Does anyone know why, if this trojan is exploiting the basic socket connection library that the Windows API provides, all browsers aren't potential victims?
I mean, it makes sense to introduce some sort of security that never ever lets anything but the browser's code access the interfaces to these libraries.
My work here is dung.
Trojan Analysis Leads To Russian Data Hoard
So the analysis led to the hoarding? Everybody stop analyzing NOW!