Which advertiser is sending me to the fake firefox-patch.exe?
Several times while visiting a particular news website over the past few weeks, I've seen Firefox displaying a page alerting me to an "Urgent Firefox update" and showing a popup window that reads "You've chosen to open: firefox-patch.exe ... Would you like to save this file?" I expect the page's URL changes, but today it is: https://ohxicfamilybuilder.org/7211825690889/ffdf1b548fd8e3f1a37cdd6f2b903abd.html
I believe this is a fake patch containing malware. I suspect that either a paying advertiser or the news site itself has been hacked and had malicious code inserted which is then propagating this redirect.
I'd like to know how I can get Firefox to help me trace the code that took me to this malware page. Fiddler might work well if I ran it all the time, but I don't. Are there steps I might take after the fact to trace the source of the link to the malware?
Tất cả các câu trả lời (3)
No, sorry, this thread isn't something we can delete, it contains valuable information about an on going issue and there are no rule violations that would qualify it for deletion.
Please feel free to submit your idea to input.mozilla.org/feedback
billvolt said
I understand that Mozilla doesn't have the market share it once had. Such an ambitious response might require the resources of Google or Microsoft.
https://support.mozilla.org/en-US/kb/how-does-phishing-and-malware-protection-work Mozilla and Google worked together back in 2006 - 2007 to create an anti-phishing / web forgery reporting system and database feature, long before any of the Security companies started creating their own individual. Combined with the Google 'spyders' that crawl thru websites to catalog the contents of websites, 'sketchy stuff' may be found - which benefits Firefox users (along with smaller usage browsers that used the same system) as much as it helps Chrome / Chromium users.
The internal code name inside Firefox is safebrowsing. You can view the internal pref setting in 'about:config using safebrowsing in the search field ay the top. Updates to the internal database are done every time Firefox is opened. I don't see a "user facing" pref that would allow for changing how often Firefox would check for an update of that database while Firefox is running' so I don't know if that "start-up check" is the only time it checks.
This feature was first in Firefox 3.0 and in the first release version of Google Chrome.
So you need to combine the market share of both Firefox and Chrome to realize how many users it does cover.
