Security News HoeflerText SocEng Attack Now Targeting Firefox with a Mozilla Font Pack

[frogboy]

For a while now, malware distributors have been using a social engineering attack against Chrome users that entails a website showing an alert stating that a font needed to view the web page was not found. This attack then prompts the Chrome user to download a Chome Font Pack in order to properly view the site.

Today, ProofPoint exploit expert Kafeine discovered that attackers have modified this attack to target Firefox users as well. Now when a visitor goes to a page that has this attack, the script will determine the browser and display the appropriate attack for either Chrome or Firefox. This attack campaign is currently pushing the Zeus Panda banking Trojan.

Examining the Firefox HoeflerText Attack
The attack entails tricking a target into going to a specific URL that is hosting javascript code that starts the attack. It is not currently known if the user is going to this URL through

malspam, malvertising, or exploit kits. Once a Firefox user visits the site, they will be shown an alert stating that "The "HoeflerText" font was not found." and that they need to update the "Mozilla Font Pack"

Read More. HoeflerText SocEng Attack Now Targeting Firefox with a Mozilla Font Pack

 

[In2an3_PpG]

For Firefox users i believe NoScript would come in handy.

 

[Winter Soldier]

Nice share @frogboy, it is better to continue using Sandboxie