Lily Jade

By Sumo3000 in Worms

Lily Jade is a worm infection that can exploit vulnerabilities that are not browser-specific, meaning that Lily Jade can infect a computer regardless of its web browser. Basically, Lily Jade is a Java-based worm that can appear in the form of extensions for the main web browsers (Google Chrome, Mozilla Firefox, and Internet Explorer). Lily Jade is designed to change a particular bit of code in the web browser that would substitute its own advertisements for advertisements normally displayed on websites like Facebook or Google. In this way, criminals can force the victim's web browser to display their own advertisements on all websites, without having to pay those website's owners for the service. Since Lily Jade is extremely small (just a couple of lines of codes), Lily Jade can get by many anti-virus programs with almost no problems. Lily Jade has also been associated with Facebook hijacking attacks, using the victim's Facebook account to send out messages or to post advertisement links on the victim's wall.

A Closer Look at the Lily Jade Worm

Worms that can carry out cross-browser attacks are rare at present, particularly due to the difficulty in creating and distributing them. Lily Jade is a sophisticated malware infection that is quite expensive to acquire in order to carry out attacks. Lily Jade uses a development framework known as Cross rider, which allows hackers to create malware that can affect multiple web browsers. It is important to note that Cross rider is not a malware threat, rather, it is a JavaScript framework that allows computer programmers to create web browser extensions. Malware infections like Lily Jade, created using a cross-browser engine, are quite unusual. Lily Jade targets popular websites like Facebook, YouTube, Bing, Google, Yahoo and MSN. On these websites, the victim's web browser connects to a different source in order to retrieve advertisements. This can generate quite a lot of revenue for the criminals behind the Lily Jade infection. Browser extensions that manipulate online advertisements are not uncommon, some common examples are advertisement blockers that entirely remove them. Lily Jade simply changes them.

Is the Lily Jade Worm Legal?

ESG security researchers have been surprised by the fact that the creator of Lily Jade, a hacker named Dru Mundorff, is claiming that Lily Jade is legal due to its End User License Agreement (EULA) in which the victim basically agrees to let criminals infect their computer system with Lily Jade. At present, Dru Mundorff is allowing hackers to purchase Lily Jade for a $1000 USD price, often out of reach for amateur hackers.


Most Viewed