Once the malware determine the list of vulnerable website, the cyber criminals behind the botnet will be able to exploit the vulnerability to inject malicious codes in the websites. So, it will probably help the attacker to increase the number of infected websites and systems.
Alex Holden, chief information security officer at Hold Security LLC, analyzed the malware and believes the malware authors are from Czech Republic, based on the text string available in the threat.
Researcher says more than 12,500 systems have been infected by this malware and helped to discover at least 1,800 web pages vulnerable to SQL Injection.
In an email, a Mozilla spokesperson told EHN that “they have disabled the fraudulent ‘Microsoft .NET Framework Assistant’ add-on used by ‘Advanced Power’ as part of its attack. You should always be careful with anything you download. It’s a good idea to use many layers of protection, including antivirus software to stop malware.”