P.T. Barnum wasn’t wrong – Firefox Beta Links spread Malware

It should not come as a surprise to you that Firefox is available for free download from Mozilla (hence the Open Source Project).  This must not be apparent to users who are being fooled by a fake Firefox 4.0 beta download scam.  

The scam goes a bit like this:

  1. You want software but don’t want to pay for it (in this case a new version of the Firefox browser)
  2. You get email/see link/etc that a new Firefox browser is going to be out
  3. Email/Link/etc portends to provide either a software crack or a key generation file (items used to break registration of what should be purchased software).
  4. You download and run crack files
  5. You get infected with a Trojan

Reports note the following trojans have already been seen using this scam:

  • FraudTool.Win32.FakeVimes
  • Trojan-Downloader.Win32.CodecPack.2GCash.Gen
  • Trojan.DNSChanger.Gen
  • Virus.Win32.Parite
  • TrojanDownloader-Win32/FakeRean

Moral(s) of the story:

  1. Always check an authoritative source.  If you are interested in the Firefox 4 Beta, check out Mozilla’s site and download it there.
  2. It’s always a bad idea to pirate software.  Sites that host/distribute cracked versions of software and keygens are already operating in a shady area, don’t be surprised to get infected/attacked if that is a site you visit.  (As I tell my kids, don’t touch that, you don’t know where it’s been).
  3. Patch and Update.  For at least the few noted pieces of malware being spread here, if your system is patched and your AV updated you should be okay.  However, this can change at any moment, so don’t test it.
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s