Just to be clear
If you get the updated Firefox page and it prompts you to update Flash then it's a fake. Is that right?
Online con artists have developed a strain of scareware that poses as a Firefox update. The tactic is a change from the standard approach adopted by purveyors of rogue anti-virus scanners - tricking users into visiting scareware portals running fake security scans that report non-existent security problems to panic surfers …
"...the 'you should update Flash right now' link took me to Adobe's website."
Same here. I was shitting bricks a moment ago but am fairly certain mine did the same. So hopefully OK (but I'll be checking up on it anyway).
I had also, in comparison to the image shown in this article, recently upgraded to 3.6.8; just that minute in fact. Perhaps that's where the hackers got their idea though?
Sounds like your JavaScript and/or popup-blocker settings might want tightening up. Alternatively, add the NoScript extension.
Or run Firefox under a non-Admin user account, so you'll know that *any* upgrade notice you see is bogus. As a further benefit, even if you do download and run the naughtyware, it can't hurt your system (though no promises about your documents etc.)
El Reg should fix the article since it's not clear.
There is a completely legitimate page that appears very similar to the one the VXers use that also informs you to upgrade Flash. However, it DOES lead to Adobe's site and goes through the regular channels to update Flash. What this fake version does is appear to give you an upgrade, but when you attempt to use the 'upgrade flash' link, it has you download a payload.
Read the F-Secure article, folks.
Also: "In related news, McAfee warned earlier this week that VXers were offering a Trojan disguised as trial versions of its VirusScan anti-virus software."
So it's going to perform like regular McAfee - slow, bloated and does no good at all?
Since Firefox itself is checking for updates, why would you EVER trust any webpage that loads and reads "you need to update" this or that?
Don't do it. Only update Firefox when a trusted add-on claims a newer version of itself is available through the normal popup window, and of course if you haven't kept this in mind and are taken somewhere questionable, Look At The URL.
On a side note, this malware seems less harmful than Flash, maybe it all works out for the best.
Always look at the URL. Just keep glancing back up at it to make sure you're on the right site.
Also, there is a legit page that does appear when you update Firefox and this is an exact copy of that. The difference is where that URL goes, so look at the status bar too.
*checks to make sure he's on el reg*
*submit*
.deb
packages