A Firefox 0-day vulnerability is being used to serve malware from the official website for the Nobel Peace Prize. Norman ASA detection executive Einar Oftedal stated in an instant message to The Register, “This iframe has a multi exploit backend and serves exploits for Firefox, including a working remote exploit for Firefox 3.6.11, we didn’t see any 0day for IE.” The malware does not target Windows Vista or Windows 7 systems, limiting the attack to Windows XP users running Firefox 3.6.11 or earlier.
Mozilla is aware of the vulnerability and is working on a fix that will most likely be out later this week once it has been tested. This attack is most likely not limited to the Nobel Peace Prize website. Firefox users can protect themselves by using NoScript or by disabling JavaScript in their browser.
Some theorize the attack is related to this year's Nobel Peace Prize being awarded to Liu Xiaobo, who is incarcerated in China for his participation in Charter 08.