Was Firefox update hijacked?
Today when I opened Firefox it claimed I needed an update. When I pressed update it downloaded a file for me to run. This is as wrong as wrong can be. I stopped everything and went back in and discovered it is a hijack attempt. What would you like from me to investigate this incident?
Thanks, Fred
Chosen solution
Firefox updates on Windows, Mac OSX, and Linux are done internally in Firefox (by a .mar file). Or by download from www.mozilla.org or www.mozilla.org/firefox/all/
Updates are not sent to Firefox users as a .exe and the publisher of that file is not Mozilla.
This is similar to the fake firefoxpatch.exe scam that was popping up on some websites before. You did not have to be infected with anything for this to have occurred.
On a tablet so I cannot check this out further so easily.
https://www.reasoncoresecurity.com/signer-ooo-advert-m-00d456a38d6e59edd13fa4143d8336198c.aspx.
"OOO ADVERT-M is a software publisher located in Moscow, Russia*. The company is a primary distributor of potentially unwanted programs."
Read this answer in context 👍 1All Replies (2)
Chosen Solution
Firefox updates on Windows, Mac OSX, and Linux are done internally in Firefox (by a .mar file). Or by download from www.mozilla.org or www.mozilla.org/firefox/all/
Updates are not sent to Firefox users as a .exe and the publisher of that file is not Mozilla.
This is similar to the fake firefoxpatch.exe scam that was popping up on some websites before. You did not have to be infected with anything for this to have occurred.
On a tablet so I cannot check this out further so easily.
https://www.reasoncoresecurity.com/signer-ooo-advert-m-00d456a38d6e59edd13fa4143d8336198c.aspx.
"OOO ADVERT-M is a software publisher located in Moscow, Russia*. The company is a primary distributor of potentially unwanted programs."
Modified
Here is further info on the attempted hijack. I went to the Home Depot website and that is when it reopened that tab to this address:
Screen shot is included, so you can see it looks legit.