- **Author|Wang Jialu**
- **Source|Zhongguancun Online **
- Release time|2021-03-02
According to foreign media, according to a recent investigation report released by the network security company Proofpoint, a group of hacker organizations recently used malicious FireFox plug-ins to steal Gmail and Firefox browser data, and then download malicious software on infected devices.
It is reported that the hacker group used spear-phishing emails to lure users to click and prompt them to install Flash updates to view the content of the website. Although the extension is called a Flash update component, it is actually a Gmail notifier with additional malicious code added. According to the research team, this code can abuse some email permissions on the infected browser.
In addition, the extension also downloaded and installed ScanBox malware on the infected system. This malware is a hacking tool framework based on PHP and JavaScript.