Gbitten

The recent post from Petko D. Petkov about browser rootkit is very interesting. Extending the Petkov's argument, the browsers can be target of a different types of malwares, not only rootkits. It could be, for example, a good platform for botnets too. The bots could be built using Firefox extension technology. Once the bot is installed, can use the browser access to communications. The messages between bots and their Command Controls (C&C) can use javascript commands. It is a powerful script language and will permit a great flexibility to operate the botnet. In addition, the Command Control could be built using something like the POW add-on. POW is a webserver that can be installed and used in Firefox with just few clicks. Furthermore, POW has some interesting features like dynamic content, so it is prefect to deploy a C&C. However, Browser Botnets will only be a successful threat if it finds an easily and widely way to distribute itself.

Labels: Botnet, Firefox