Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

urgent update Malware

  • 6 replies
  • 1 has this problem
  • 23 views
  • Last reply by jmh797

more options

this looked like the only way to create an account to post a reply to https://support.mozilla.org/en-US/questions/1129758?page=2

http://www.ibtimes.co.uk was the site that seems to be hijacked this time.

All Replies (6)

more options

Thanks. Not sure we can do much abut this other than try to warn people NOT to use such fake updates.

more options

Do people with other browsers have similar issues? There must be some way to block this. I would guess uneducated users have downloaded this so it should be a priority if it is not.

more options

I have certainly seen comments of similar affecting Google Chrome.

One of the problems is the sites used are disposable ones used for only a couple of days or so. Look for instance at the listing in a contributor thread /forums/contributors/712056

You could try complaining to ibtimes.co.uk to say they or their advertisers are pushing malware. Personally I have not yet seen any of these fake updates myself, possibly the malware somehow fingerprints the victims it targets. The malware download link you see is also likely to be personalised, so even if someone else has that they can not obtain the file by using a link you supply.

more options

jmh797 said

Do people with other browsers have similar issues? There must be some way to block this. I would guess uneducated users have downloaded this so it should be a priority if it is not.

Yes this person or group behind this also targets Google Chrome users on Windows also. They make use of the same disposable sites for the fake updates for both Firefox and Chrome. A thread example for Chrome. https://productforums.google.com/forum/#!topic/chrome/HcXgFFaO9WU

Mozilla wants this to be dealt with but it is not so simple. The problem is the url the user gets from a Ad is the only one that was able to view it so reproducing for same site or another site is tricky. The sites are often registered within a day of being reported here and are not reported again a day or more later. The method being used this time has been more elaborate compared to past attempts of fake Firefox updates sites.

https://support.mozilla.org/en-US/forums/contributors/712056

Modified by James

more options

I was able to stop this by using uBlock, however many sites now require you to unblock their site to view content. So I disabled it for that specific page on ibtimes.co and the malware page popped up again.

I'll never understand the criminal mind.

more options

But thank you for your replies. Sheds a lot more light on this for ignorant users like myself.