A pair of researchers are reporting that the 'Fribet' Trojan has spread among users by embedding itself in pro-Tibet websites by way of an SQL injection and then exploiting a browser vulnerability to remotely install and execute.
McAfee researchers Shinsuke Honjo and Geok Meng Ong reported on a company blog posting that the Trojan not only gives the attacker the ability to remotely control and perform installations on infected PCs, but it also provides the ability to receive SQL instructions.
This, the researchers say, can allow the attacker to use infected machines to host other web exploits.
"This Trojan apparently can be used as an alternate to SQL Injection attacks, but in a more direct way," they wrote.
"Even the administrators of secure websites, protected against common SQL injection attacks, should ensure database backends are equally secure to defend against such a penetration vector."
There are, however, some mitigating factors. At the time of the posting, the server that the infected machines connected to was not active, so computers running the Trojan were not being sent commands.
The researchers also noted that in order to host web exploits on a machine, an attacker would need extensive information on a machine's network configuration and user credentials. Researchers do, however, believe that such information could be obtained through Fribet's info-stealing components.
Neil Martin of Panda Security discusses Epic Games' decision to avoid the Google Play Store in its Android release of its popular game Fortnite
Musk went public on privatisation plan "because I felt it was the right and fair thing to do so"
Intel's 9th generation Core CPUs will be released on 1 October along with Z390 motherboards
Short-sellers burnt by Musk's "false and misleading" tweets the first to file suit