Had a really weird website popup when I was in the middle of school work.
So today I was cruising along and had a weird website just pop up on my window saying that I needed this Critical Firefox Update and it came from a website called Angholinpussy.org or angolinpussy.org - I did not allow it but it started and executable file best I could tell and went ahead and tried to get me to click on a save the update file. I did not and exited out quickly. Now most people would say it sounds like a porn site but I do not visit sites like that and it really disturbed me as I have trusted firefox for years. How can we combat this, as my daughters use this computer and they may not have the same knowledge that I do about computers to know that something like that is something you don't click...plus the fact that it cam up with such an awful web address. Let me know if you guys have any thoughts as to how we can shut this type of virus down, or I may have to leave firefox until that is fixed.
All Replies (4)
See if this is what happened. https://support.mozilla.org/en-US/kb/i-found-fake-firefox-update
Actually that is exactly what happened. Its a little frustrating as I try very hard to keep my computers clean...I will be running a Anti malware inspection to see if anything came from it...but I just closed the page but thought maybe if Firefox knew who it was coming from, they might be able to battle it a little better!
Adblock Plus {web link} Blocks annoying video ads on YouTube, Facebook ads, banners and much more. Adblock Plus blocks all annoying ads, and supports websites by not blocking unobtrusive ads by default (configurable).
Adblock Plus Pop-up Addon {web link} Adblock Plus Pop-up Addon extends the blocking functionality of Adblock Plus to those annoying pop-up windows that open on mouse clicks and other user actions.
Forum; Adblock Plus Homepage {web link}
tjwgardner said
Actually that is exactly what happened. Its a little frustrating as I try very hard to keep my computers clean...I will be running a Anti malware inspection to see if anything came from it...but I just closed the page but thought maybe if Firefox knew who it was coming from, they might be able to battle it a little better!
Did you report that website by using Help > Report Web Forgery ...?
Firefox has built-in Phishing and Malware Protection, which relies upon users reporting websites such as that. Telling us about it here really slows down the reporting process. https://support.mozilla.org/en-US/kb/how-does-phishing-and-malware-protection-work
Overall, that particular exploit is done in a manner that makes it very difficult to stop or shut down. That perpetrator is apparently creating multiple new domains every day, and then moves to a new pair or batch of domains before the anti-Phishing service can shut any down.
1. Users need to report the website / domain.
2. That domain has to be added to the "list".
3. The list that sits in the web browser needs to be updated.
I don't have any idea how fast (or slow) that whole process takes, but this particular type of exploit does take at least a few hours. And the largest variable is whether or not the user even reports the Phishing attempt.
Prime example of "social engineering" at its finest, or worst if the user succumbs to the exploit.
1. A user who sees something like that type of page should realize that Mozilla doesn't send Firefox update notifications thru a webpage. Firefox is updated thru Firefox, and unless the user has changed the default setting they would never get an "update notification". By default Firefox updates automatically, and all the user should ever see is the notice to "restart Firefox to finish the installation of an update".
2. Why the hell would Mozilla use a domain like angolinpussy.org to notify users of an "urgent-update"? As soon as the user sees a domain like that sitting in the URL bar for a supposed Firefox update, "red lights" and "sirens" should be going off in their mind that something ain't right about the information I am seeing. "Pussy" may be part of acceptable American lexicon or considered acceptable as "grabbing action", as endorsed by our current POTUS, but which company in their right mind would use a domain name with "pussy" in the domain name that for update notifications? Regardless of how the 'the Drumpf' speaks (or thinks) - that just ain't an acceptable term to use, except maybe for the omnipresent "cat videos" on the internet.
3. Then there's the use of .js or .exe files to "deliver" the "Urgent-update" file. Just ain't done in that manner by any responsible software developer, as it is too easy to exploit users when using those file formats - as this "character" is attempting to do.
The opinions expressed in this posting are mine alone. I don't work for Mozilla, I am just another Firefox user who's been using Firefox since Aug 2002, when it was called Phoenix. Users need to keep their "head on straight" when using the internet. Best expressed by an idiom dating to the 1500's. http://www.phrases.org.uk/meanings/a-fool-and-his-money-are-soon-parted.html