Since its’ release on January 21st, the newest version of the Firefox web browser has received a great deal of attention. In just a short time it has achieved over 30 million downloads. Adware pushers are capitalizing on the success of Firefox, packing ad serving software in with the program in an effort to increase their reach.
Purveyors of spyware and adware will try to take advantage of well known programs, illegitimately bundling their software into the install of the popular software. These programs are also commonly referred to as Potentially Unwanted Programs (PUPs) whose content is not necessarily malicious, but is almost never wanted by the user. These types of software are often used to collect information about the user without the users’ knowledge or consent.
The latest example is found on the fake Firefox download site below. The page is cleverly disguised with the appearance of a legitimate Firefox download site and could easily fool many users hoping to upgrade.
Taking a closer look reveals clues to the fraudulent page. While the page advertises version 3.5 the newest version is actually 3.6. There are also misspellings such as “Anti-Pishing” in the title of the security section.
Victims of this scam install the “Hotbar” toolbar by Pinball Corp, formerly Zango. Not only are users subject to the annoying toolbar, they’re also barraged with pop-up ads and host to a new Hotbar weather application running in the system tray.
It should be noted that the owner of the fake Firefox site above is most likely not associated with Pinball Corp and only using its pay-per-install ad network for fast cash. Pay-per-install affiliate programs reward referring sites that generate installs of their programs, with Pinball paying as high as $1.45 per install.
Always take caution installing any software and ensure the software is downloaded directly from the publisher whenever possible. Users looking to upgrade Firefox should go to the real download site at http://getfirefox.com.
Blocking the Spyware and Malicious Sites category protects eSoft SiteFilter customers from this site and others like it.
View full post on Threat Center Live Blog
Related Posts
- Fake Firefox Update Page Pushes Malware
Thanks to F-Secure for revealing the latest in rogue anti-malware: A fake Firefox "Just Updated" page which pushes you to install an update to Flash.
View full post on PCMag.com Security Co... - Fake Firefox Update Page Pushes Malware (PC Magazine)
PC Magazine - Thanks to F-Secure for revealing the latest in rogue anti-malware: A fake Firefox "Just Updated" page which pushes you to install an update to Flash.
View full post on Yahoo! News: Se... - Fake Firefox Flash Update is Rogue
Thanks to F-Secure for revealing the latest in rogue anti-malware: A fake Firefox "Just Updated" page which pushes you to install an update to Flash.
The page (see below and click it for a f... - New fake AV page uses Firefox internals
Most Fake AV pages mimic a Windows Desktop application running. In addition, the Fake AV pages have generally been the same regardless of which browser they are viewed. I recently found a new type o... - Fake Adobe FlashPlayer Update nov.2010 delivers malware
A website labelled ‘Porn TV’ acts as a malware distribution platform: freev.info When clicking on any video link, a very convincing screen pops up: Downloading the update actually downloa... - Definition file update for Ad-Aware – combating Viruses, Spyware, Malware, Rogue software, Worms and Adware.
149.474 is now available, new definition file for Ad-Aware 8.2.150.159 is now available, new definition file for Ad-Aware 8.3.New definitions:====================Win32.Backdoor.StapomeWin32.FraudTool.... - FAKEAV Update: Java Vulnerabilities and Improved Fake Alerts
There have been recent talks within the security industry about the increasing use of Java vulnerabilities by attackers. Last week, security blogger Brian Krebs noted how Java was being used by exploi... - Fake Adobe Update Update…
Larry Seltzer and David Phillips have kindly sent me the full text of the fake Adobe update messages I previously mentioned here and here. Here it is, without some of the extraneous and in some cases ... - New fake codec scam impersonates Firefox VLC video plug in
This turned up today: new fake codec scam masquerading as a VLC video player plugin error message. In reality, clicking on the “install” button will result in a download of the Security Essentials rog... - Misleading Apps Push Browser Security Update Trick
In a previous blog we reported on how attackers use social engineering techniques to scare users into purchasing a misleading application. This time around, we have come across a couple of websites th...
Posted on 08 May 2010. Tags: Adware, Fake, Firefox, Pages, Push, Update
