Jump to content

Fake Firefox Update Emails Carry Malware

Starbuck
 Share

Recommended Posts

  • ExTS Admin
Starbuck Newbie

Starbuck

Posted
  • ExTS Admin
Posted

Security researchers from Sophos warn of fake emails purporting to be Firefox update notifications and directing recipients to a password-stealing trojan.

 

The emails bear a subject of "New version released" and have their header spoofed to appear as if they were sent from a @firefox.com email address. The contained message is copied from the legit Firefox Update page and reads:

 

"A Firefox software update is a quick download of small amounts of new code to your existing Firefox browser. These small patches can contain security fixes or other little changes to the browser to ensure that you are using the best version of Firefox available.

 

"Firefox is constantly evolving as our community finds ways to make it better, and as we adjust to the latest security threats. Keeping your Firefox up-to-date is the best way to make sure that you are using the smartest, fastest and . most importantly . safest version of Firefox available.

 

"A Firefox update will not make any changes to your bookmarks, saved passwords or other settings. However, there is a possibility that some of your Add-ons won.t be immediately compatible with new updates."

 

The email ends with a recommendation reading "For security reasons please update your firefox version now [LINK]," however it's clear that the link does not lead to a location on mozilla.com.

 

The URL points to a file hosted on btopenworld.com, the web hosting service offered by BT to its broadband customers. The executable is actually an installer for Mozilla Firefox 5.0.1 with a password stealer attached.

 

Bundling the trojan with a legit Firefox installer instead of serving it directly is an attempt to divert the victim's attention from what's happening in the background. Users are always advised to download programs directly from the vendor websites or trusted download portals.

 

It's also worth keeping in mind that Mozilla does not send Firefox update alerts via email. In fact, starting with Firefox 5, the open source browser updates itself silently without no interaction from the user being required.

 

 

Source:

http://news.softpedia.com/news/Fake-Firefox-Update-Emails-Carry-Malware-215720.shtml

Member of:

UNITE

  • Replies 0
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...