Hackers have subverted warnings generated by Firefox about dangerous sites to punt fake anti-virus portals. Surfers straying onto a web page offering the "Security Tool" rogue anti-virus are offered a warning page that convincingly mimics the genuine Firefox block page. The site offers supposed updates for Mozilla's technology …

COMMENTS

House rules Send corrections

This topic is closed for new posts.

Wednesday 20th October 2010 13:09 GMT TRT

That's nasty.

And it explains why several users here have recently managed to get rogue AV scanners installed.

How to combat this? Dunno. Tineye type reverse image search on the generated page looking for a score above a threshold match to genuine Firefox alert screens? Would that be too slow?

1 0
1. Wednesday 20th October 2010 15:30 GMT Anonymous Coward
  
  I just removed one from a friends computer.
  
  She was adamant that she hadn't clicked on any dodgy links so this could explain it.
  
  0 0
Wednesday 20th October 2010 15:30 GMT TeeCee

Fake Flash update pwnage.

First seen back in July? That wouldn't have been some time after Mozilla caused FF to produce a genuine screen saying that users should update their Flash plugin would it? Hmm, September 2009 apparently, so yes it would.

http://www.channelregister.co.uk/2009/09/17/firefox_users_with_vulnerable_flash/

At the time Mozilla were bemoaning the fact that only 35% of those prompted to clicked the "download upgrade" link. Presumably they're the same ones who've been pwned since July.

1 0
Thursday 21st October 2010 09:23 GMT Jeremy 2

Ouch.

That is vicious. I've always rated these sorts of scams on scale of "how likely is my father-in-law to fall for this?" test. I think this one is a "very likely". I guess I'll be getting the 'there's something wrong with my computer call' soon...

0 0
1. Sunday 24th October 2010 12:21 GMT Quirkafleeg
  
  Ouch ouch ouch
  
  He has a computer call?
  
  0 0