Norman ASA (http://www.norman.com), a security company offering products protecting government and enterprise networks and consumer desktops, says its its researchers have identified new Trojan malware that infected the Nobel Peace Prize site early Tuesday. The new Trojan was transmitted through a vulnerability in Firefox 3.5 and 3.6.
The Norman Malware Detection Team in Oslo found that the attack was enabled by a zero-day vulnerability in the popular Firefox web browser and recommend all Internet users be cautious when surfing the Net. If a user visited the Nobel Prize site while the attack was active early Tuesday using Firefox 3.5 or 3.6, the malware might be installed on the user’s computer without warning.
The malware would then attempt to connect to two Internet addresses, both which point to a server in Taiwan. If the connection was successful, the attacker would have access to the infected computer. This Trojan could be active on other web sites.