Bitdefender has added detection against the Tor Browser Bundle exploit. The exploit has been involved in an operation aimed at de-anonymizing the users of websites hosted by FreedomHosting.
Exploit.JS.Agent.BB uses a heap-spraying technique to break the javascript engine and eventually drop and execute a payload file, such as this one. As the exploit is publicly available, we judge the probability of it being used in other attacks by other actors as high.
So far, a handful of installed Bitdefender instances in France and the Dominican Republic have reported detection of the exploit.
[…] but users of earlier versions should update at their earliest convenience. Bitdefender has added detection for the […]
[…] consideramos la probabilidad de que sea utilizado en otros ataques por otros actores”, advierte la […]
“operation aimed at de-anonymizing” rumors say that was used by *.*.* to catch pedo’ hidden behind TOR
Do no if is a good news that they will catch some pedo, or if is a bad news knowing that they have 0-days 🙂
No 0-day was used, although the exploit was previously unknown the bug had actually been known for a short while:
http://www.mozilla.org/security/announce/2013/mfsa2013-53.html
Though pedophilia may be a problem, it is most certainly the usual pretext to go after anyone who is disliked in a frame-up operation. It is very easy to plant pedo material on a computer (similar to the way drugs can be planted on someone).
bugul(2013-53) a fost facut public pe 25 iunie, articolul de la care a pornit totul “FBI says Irishman is baron of online child porn” a fost publicat pe 3 august. respectivul “was arrested on Thursday on foot of an extradition warrant was issued by a US court on Jul 29 last”,
Pe 4 august “large number of hidden service addresses have disappeared from the Tor Network. There are a variety of rumors about a hosting company for hidden services: that it is suddenly offline, has been breached, or attackers have placed a javascript exploit on their web site.”
~1 luna pentru a planifica si executa o operatiune de asemenea amploare si la un asemenea nivel e oarecum SF => cel mai probabil cei de la fbi/nsa/*.*.* cunosteau bugul ala cu mult inainte de a deveni public.
“This vulnerability was fixed in Firefox versions 17.0.7 and 22, which were released on June 25, 2013.” *
Publicarea bugului doar a grabit operatiunea.
*blog . mozilla . org/security/2013/08/04/investigating-security-vulnerability-report/
need to download bitdefender rootkit scan and removal
browser protector for safari does not install…
<strong>… [Trackback]</strong>
[…] Find More Informations here: labs.bitdefender.com/2013/08/bitdefender-detects-tor-browser-bundle-javascript-exploit/ […]