X
Tap here to go to the mobile version of the site.

Support Forum

urgent update Malware

Posted

this looked like the only way to create an account to post a reply to https://support.mozilla.org/en-US/questions/1129758?page=2

http://www.ibtimes.co.uk was the site that seems to be hijacked this time.

this looked like the only way to create an account to post a reply to https://support.mozilla.org/en-US/questions/1129758?page=2 http://www.ibtimes.co.uk was the site that seems to be hijacked this time.

Additional System Details

Installed Plug-ins

  • Adobe PDF Plug-In For Firefox and Netscape 15.17.20050
  • Google Update
  • NPRuntime Script Plug-in Library for Java(TM) Deploy
  • Next Generation Java Plug-in 11.91.2 for Mozilla browsers
  • The plugin allows you to have a better experience with Microsoft Lync
  • The plugin allows you to have a better experience with Microsoft SharePoint
  • NVIDIA 3D Vision Streaming plugin for Mozilla browsers
  • NVIDIA 3D Vision plugin for Mozilla browsers
  • Shockwave Flash 22.0 r0
  • 5.1.50428.0
  • iTunes Detector Plug-in

Application

  • User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0

More Information

John99 971 solutions 13138 answers

Thanks. Not sure we can do much abut this other than try to warn people NOT to use such fake updates.

Thanks. Not sure we can do much abut this other than try to warn people NOT to use such fake updates. * [[I found a fake Firefox update]]

Question owner

Do people with other browsers have similar issues? There must be some way to block this. I would guess uneducated users have downloaded this so it should be a priority if it is not.

Do people with other browsers have similar issues? There must be some way to block this. I would guess uneducated users have downloaded this so it should be a priority if it is not.
John99 971 solutions 13138 answers

Helpful Reply

I have certainly seen comments of similar affecting Google Chrome.

One of the problems is the sites used are disposable ones used for only a couple of days or so. Look for instance at the listing in a contributor thread /forums/contributors/712056

You could try complaining to ibtimes.co.uk to say they or their advertisers are pushing malware. Personally I have not yet seen any of these fake updates myself, possibly the malware somehow fingerprints the victims it targets. The malware download link you see is also likely to be personalised, so even if someone else has that they can not obtain the file by using a link you supply.

I have certainly seen comments of similar affecting Google Chrome. One of the problems is the sites used are disposable ones used for only a couple of days or so. Look for instance at the listing in a contributor thread [/forums/contributors/712056] You could try complaining to ibtimes.co.uk to say they or their advertisers are pushing malware. Personally I have not yet seen any of these fake updates myself, possibly the malware somehow fingerprints the victims it targets. The malware download link you see is also likely to be personalised, so even if someone else has that they can not obtain the file by using a link you supply.
James
  • Moderator
1595 solutions 11242 answers

Helpful Reply

jmh797 said

Do people with other browsers have similar issues? There must be some way to block this. I would guess uneducated users have downloaded this so it should be a priority if it is not.

Yes this person or group behind this also targets Google Chrome users on Windows also. They make use of the same disposable sites for the fake updates for both Firefox and Chrome. A thread example for Chrome. https://productforums.google.com/forum/#!topic/chrome/HcXgFFaO9WU

Mozilla wants this to be dealt with but it is not so simple. The problem is the url the user gets from a Ad is the only one that was able to view it so reproducing for same site or another site is tricky. The sites are often registered within a day of being reported here and are not reported again a day or more later. The method being used this time has been more elaborate compared to past attempts of fake Firefox updates sites.

https://support.mozilla.org/en-US/forums/contributors/712056

''jmh797 [[#answer-912372|said]]'' <blockquote> Do people with other browsers have similar issues? There must be some way to block this. I would guess uneducated users have downloaded this so it should be a priority if it is not. </blockquote> Yes this person or group behind this also targets Google Chrome users on Windows also. They make use of the same disposable sites for the fake updates for both Firefox and Chrome. A thread example for Chrome. https://productforums.google.com/forum/#!topic/chrome/HcXgFFaO9WU Mozilla wants this to be dealt with but it is not so simple. The problem is the url the user gets from a Ad is the only one that was able to view it so reproducing for same site or another site is tricky. The sites are often registered within a day of being reported here and are not reported again a day or more later. The method being used this time has been more elaborate compared to past attempts of fake Firefox updates sites. https://support.mozilla.org/en-US/forums/contributors/712056

Modified by James

Question owner

I was able to stop this by using uBlock, however many sites now require you to unblock their site to view content. So I disabled it for that specific page on ibtimes.co and the malware page popped up again.

I'll never understand the criminal mind.

I was able to stop this by using uBlock, however many sites now require you to unblock their site to view content. So I disabled it for that specific page on ibtimes.co and the malware page popped up again. I'll never understand the criminal mind.

Question owner

But thank you for your replies. Sheds a lot more light on this for ignorant users like myself.

But thank you for your replies. Sheds a lot more light on this for ignorant users like myself.