This thread was archived. Please ask a new question if you need help.
Master password was removed. Unwanted action 52.9
I've recently found, to my surprise, that my Firefox 52.9 64bit Linux had its Master Password removed. My computer did not have anyone physically access from the time MP was enabled until it was disabled. I was out for a few hours and there was no access to my computer which is located in a rural area. In the morning I opened up FF and noticed that FF's MP was disabled. I'm very diligent at keeping my computers clean of malware. Is there a security glitch in FF 52.9? I have over 30 years of computer admin experience. Addons screencap enclosed.
chkrootkit is now reporting, before it was clean Searching for Linux.Xor.DDoS ... INFECTED: Possible Malicious Linux.Xor.DDoS installed /tmp/flashgot.14mg9vg0.default/flashgot.fgt
All Replies (3)
Did you always use the Firefox 52.9.0 ESR version or did you ever used a more recent Firefox release version?
More recent Firefox versions use key4.db for the key file and if you used a recent release when you set the MP then this MP would have been stored in key.db. Firefox 52.9.0 uses key3.db for the key file, so reverting to an older Firefox used a key file that doesn't have the master password.
thank you for the info, interesting. Yes I have used Quantum on this computer in question. I have reverted to using 52.9 over a month ago. I'm syncing this computer with other 52.9s My older FF versions have always used a master password.
Correction: I should have stated above that the master password was disabled not removed.
Recently chkrootkit has reported an addon FlashGot (a recommend addon) is infected Searching for Linux.Xor.DDoS ... INFECTED: Possible Malicious Linux.Xor.DDoS installed /tmp/flashgot.14mg9vg0.default/flashgot.fgt
flashgot developer assures me chkrootkit reporting is a false positive, flashgot uses a temp file containing URLS to download. I did not view the file at the time, silly me