Avatar for Username

Przeszukaj pomoc

Unikaj oszustw związanych z pomocą.Nigdy nie będziemy prosić Cię o dzwonienie na numer telefonu, wysyłanie SMS-ów ani o udostępnianie danych osobowych. Zgłoś podejrzaną aktywność, korzystając z opcji „Zgłoś nadużycie”.

Więcej informacji

Wątek został zarchiwizowany. Jeśli potrzebujesz pomocy, zadaj nowe pytanie.

attempted browser hijack downloaded trojan / linked to FF Block site 4.0.5.2 add-on.

  • 3 odpowiedzi
  • 1 osoba ma ten problem
  • 2 wyświetlenia
  • Ostatnia odpowiedź od midnightvisions

midnightvisions
midnightvisions
more options

My FF was in an attempted hijacking.

I was able to get out of it and report the web site through this menu's Report Deceptive Site. A follow up virus scan did not reveal anything.

Several days later I received an email stating the hijack downloaded a key logger which copied all my contacts and passwords. It then demanded a ransom of more money that I have and instructions on how to bitcoin the money to them, also something I have no idea what they are talking about. The hijackers included one password as evidence of the keylogger. I do not have a camera attached to my computer so the rest of the message was just rubbish.

a virus scan then revealed the Domepidief.A trojan which downloaded the file NSMAIL.PDF.

NSMAIL.PDF was located at c:\Users\your account\Appdata\Local\Temp\nsmail.pdf

NSMAIL.PDF showed as a Videolan VLC extension withthe roadcone icon.

Then FF started to repeatedly try to connect to Adult.yourblocksite.com. through troubleshooting the FF add-on Block site 4.0.5.2 was the source of the pinging.

You need to remove the Block Site add-on as its been hijacked by criminals.

My FF was in an attempted hijacking. I was able to get out of it and report the web site through this menu's Report Deceptive Site. A follow up virus scan did not reveal anything. Several days later I received an email stating the hijack downloaded a key logger which copied all my contacts and passwords. It then demanded a ransom of more money that I have and instructions on how to bitcoin the money to them, also something I have no idea what they are talking about. The hijackers included one password as evidence of the keylogger. I do not have a camera attached to my computer so the rest of the message was just rubbish. a virus scan then revealed the Domepidief.A trojan which downloaded the file NSMAIL.PDF. NSMAIL.PDF was located at c:\Users\your account\Appdata\Local\Temp\nsmail.pdf NSMAIL.PDF showed as a Videolan VLC extension withthe roadcone icon. Then FF started to repeatedly try to connect to Adult.yourblocksite.com. through troubleshooting the FF add-on Block site 4.0.5.2 was the source of the pinging. You need to remove the Block Site add-on as its been hijacked by criminals.

Wybrane rozwiązanie

The email sounds like a variation of one of those blackmail email scams.

https://www.reddit.com/r/Scams/comments/8gsjba/the_blackmail_email_scam/ https://www.kshb.com/money/consumer/dont-waste-your-money/scary-porn-blackmail-scam-knows-your-password

Przeczytaj tę odpowiedź w całym kontekście 👍 1

Wszystkie odpowiedzi (3)

FFus3r
FFus3r
more options

scan your system with:

use malwarebytes in safe mode and normal mode.

James
James
  • Top 25 Contributor
  • Moderator
more options

Wybrane rozwiązanie

The email sounds like a variation of one of those blackmail email scams.

https://www.reddit.com/r/Scams/comments/8gsjba/the_blackmail_email_scam/ https://www.kshb.com/money/consumer/dont-waste-your-money/scary-porn-blackmail-scam-knows-your-password

midnightvisions
midnightvisions Zadający pytanie
more options

Yes, so the old password came from a Linkedin hack in 2012, not an old password hacked from FF.

Thanks for the news. The email threat was rubbish and the info it stated was not correct, but my concern was where the password came from, if it was indeed hacked from firefox or not.

thanks