Warning To Firefox Users – Fake Update Installs Malware | SUPER-Contest Deadline
If you use the popular Mozilla Firefox web browser (as I do) and you see this,
immediately hit Alt+F4 to close Firefox (or use Task Manager to kill the firefox.exe process [An Overview and Tutorial on the Windows Task Manager]).. it would also be a good idea to start a Full anti-malware scan.
Why? Because this is a carefully crafted criminal cyber attack which is attempting to trick you into clicking a link that will install a fake (aka “rogue”) antivirus program. This page sure looks real, but it is 100% fake. (It has been a while since I mentioned rogues here, but everybody should know about them by now, right? Right. If you don’t, click here, Your Computer Is Lying To You… The Epidemic Of Rogues)
The full story of this (current) attack is here, Fake Firefox Flash Update is Rogue. I bet this one is going to nail a lot of people… Hey. Cyber Czar. You see this *stuff*??? Think there might be a problem?
In happier news..
** SUPER Software License Giveaway Ends Tonight **
To help celebrate SUPERAntiSpyware’s recent inclusion in VirusTotal’s premier file analyzing service, the good folks there at SUPERAntiSpyware (known in the biz as “SAS”) have generously donated some Professional Edition licenses to me – “lifetime” licenses no less – to award to my readers.
SUPERAntiSpyware is a program for combating spyware and Internet threats. Today’s Grand Prize retails for $200, and features software I have endorsed from Day One.”
For details (and to enter), click here.The contest ends at midnight (Pacific) tonight, so don’t miss out – act now.
Today’s recommended website: Should you suspect that you have been cyber-attacked, and/or you want to make sure nothing has slipped past your onboard defenses (and trust me, it happens), and you have Internet access, head over to Microsoft’s Windows Live OneCare safety scanner and Get a free PC safety scan. Windows Live OneCare safety scanner is a free service designed to help ensure the health of your PC.
- Check for and remove viruses
- Get rid of junk on your hard disk
- Improve your PC’s performance (it examines and repairs your Registry)
Today’s free download: Microsoft Security Essentials provides real-time protection for your home PC that helps guard against viruses, spyware, and other malicious software. Get high-quality, hassle-free antivirus protection for your home PC now. Free. Lifetime.
Copyright 2007-2010 © “Tech Paul” (Paul Eckstrom). All Rights Reserved. 
post to jaanix.
>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<
| Share this post : |  |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
18 Comments »
Post your Comment/Question
• About Tech Paul
I am a Retired computer & network technician. I used to think the machines were pretty cool. Now I don’t.
They’re anything but.
I regularly posted how-to’s and tricks & tips and general computing advice here starting in 2007. (Use the Search tool to find answers. But be aware, many are rather dated.) Sometimes I answered (your) specific questions in an article if I believed the answer was generally helpful to “everyone”. All the writing you see was my own, typos and all. There always is/was an implied “IMHO” in what you see here.
Note: You are responsible for using this blog and its content. I am in no way liable for any losses caused by user error, viruses and/or other malware, hardware or software failure, or any other conceivable reason.
-
Say "thank you!" Buy Tech Paul a cup of coffee (and keep T4E ad free).
-
-
McAfee® Cybersafety Resource Portal, an online help center designed to assist victims of computer crime and provide information on how to avoid becoming a victim.
-
Subscribe to Tech--for Everyone by EmailRecent Comments
-
-
-
-
Also:
-
-
Tech - for Everyone 
TechPaul,
Thank you for alerting us to the Firefox “Fake Update”… I am sure many will be taken by this. Definitely a problem out there and no one to knock it down!
Rick
LikeLike
Rick,
Yes, the “average computer user” is not prepared to even suspect that their computer might “lie”, and many do not grasp that there are predators with programming skills robbing the Western economies of $billions a year. (I posit that this is a bigger factor in the “global recession” than anyone is willing to admit. {New Data Breach Study Shows Over 721.9 Million Records Disclosed, Estimated Cost of $139 Billion})
A “hacker” is a bored kid-genius, right?
I believe that there are those with the willingness to “knock it down”, but they lack the authority. And the ‘reach’.
The Internet is seriously broken (was built broken, basically) and needs to be fixed. Fortunately, there are some brilliant minds working on the problem…
(But, IMHO, any “fix” will have to be “average computer user”-proof. [I have seen the enemy and he is us.])
LikeLike
“Fake” is the new social engineering weapon of choice. Users need to be extra vigilant before taking any action these days. When in doubt, alt-f4 as indicated above and go to the actual Website for further guidance.
LikeLike
Mister Reiner,
Excellent advice. (In this case, it would mean re-Open-ing your web browser and going directly to Adobe’s website.) I thank you, Mister Reiner. I very much appreciate your taking the time and contributing to my efforts of spreading the word to “everyone”.
Folks, those of you with an interest in learning more about “hackers” and InfoSec should take a look at Mister Reiner’s website.. curiously enough, it’s named Mister Reiner
LikeLike
I have received this message several times recently. I even tried to install it, but can’t remember if it installed or not. I don’t think it did or I received an error message. Last time I received this, I closed it without doing anything. Will Norton detect this infection if I got it?
LikeLike
Kay Entwistle,
I believe that Norton does have the “definition” for this particular rogue. And I believe that Norton NIS 2009/2010, and 360 are top-tier products (possibly the best, for the moment). HOWEVER, anti-malware products are not design to protect you from yourself, and it is the User themselves who are installing this malware. Also, the first thing modern malware does (commonly) is look for your installed anti-malware — and then cripple it: usually in an undetectable way.
It could be that the rogue’s installer package experienced an “error” due to Norton. I don’t know. I’m not looking at your machine. But I would suggest going to an online scanner ASAP (or two) and have a Full scan done. I provided a link to Microsoft’s in the article above.
I also recommend Trend Micro’s Housecall.
LikeLike
Hi Tech Paul,
It’s funny you should say that about modern malware disabling anti-malware in an undetectable way. I have Spyware Doctor on my pc and didn’t realize until last night it was completely disabled. I now have it running again and did a full scan with that and came up clean. I also went to your article “Your Computer is Lying to You” and from there went to Bill Mullins’ “How Fake/Rogue Software Affects Real People” and downloaded Malwarebytes’ Anti-malware. I also ran a full scan with that and came up clean. I will also, per your suggestion, take a look at Housecall. Thanks again for your help and your blog. I appreciate the warning on this nasty rogue. -Kay
LikeLike
Kay Entwistle,
Thank you for letting me know that you have found my information useful.
If Housecall, (a refreshed) Spyware Doctor, and MalwareBytes showed clean, I would say that the odds are quite good that the malware was blocked (presumably by Norton) from correctly installing.
You know… I often wonder at people’s reluctance to pay (a modest sum) for protection of their (expensive) computers. To me, it’s like changing the oil on the car…
LikeLike
I ran Housecall and all seems well. Will now run my Norton. With all the surfing I do, I need lots of protection. Your Blog plays a big part in my defense. Thank you !! :-)
LikeLike
Kay..
Blushing here…
Thank you.
LikeLike
Thanks for the alert! I haven’t seen this yet, but I will be on the lookout. Question: the valid version of this page appears when Firefox is (re)started. If that’s also the case with this fake, doesn’t that mean that something malicious had previously been downloaded that, in turn, caused the fake page to come up when Firefox starts?
LikeLike
IzaakMak,
I, too, have not personally seen this.. but, yes, typically and “generally”, a pop-up such as this is the result of a prior action/attack. I am with Bryce at Technibble, who wrote:
“It isn’t clear from the article what causes the page to pop up in the first place, my guess is something encountered in the previous browsing session changes the homepage. The fake page can presumably be seen in any browser and it displays a recent update version of Firefox but not the most recent one. The download will try to start automatically, if it is saved and run the rogue anti-virus “Security Tool” will infect the computer. F-Secure is already blocking the website that the attack originates from and the latest database update can detect the rogue AV; otherwise the best way to avoid it would be to ignore pages like this and get updates from the source, in this case Adobe’s website.”
To see pictures of the attack (and get more details) visit the F-Secure website.
LikeLike
Thanks my friend. Good advise all around!
LikeLike
IzaakMak,
The folks at F-Secure get a tip of my geek hat on this one fersher.
LikeLike
I got this and being the careful guy I am anyway, went to the adobe site to download and I was already up to date. I didn’t give it two thoughts that it was FAKE! I would bet there will be thousands who get duped by this. It looks legit and fooled me.
LikeLike
g,
Thank you for your “testimonial”. There’s a few lessons there for those who read it.
LikeLike
Another good reason why we should consider using sandboxed browsers. These drive-by downloads can often be prevented by using virtualization software like Sandboxie..
Let’s go Virtual.
LikeLike
Ranjan,
Your expressed opinion is right in line with many in the security field. (Personally, I would rather address the disease.) There are several “consumer grade” virtualization tools available to us already.
The one I use and recommend is Sandboxie. Which I wrote about not too long ago… click here
LikeLike