Firefox malware disguises itself as a Microsoft update

More scareware evolution

By Asavin Wattanajantra

Thu Jun 09 2011, 12:09

CRIMINALS HAVE CREATED a near-replica version of the Microsoft Update page to fool users of Firefox.

Like a previous attack that produced a fake Firefox security alert, the malware comes up when a user-agent string is detected from a Firefox user browsing a malicious web site. This time though, it comes up with a replica of the real Microsoft Update page, which you only see if you're using Internet Explorer.

The same malicious web site is also known for hosting a fake Windows XP explorer scanner and Windows 7 scanner, said Chester Wiesniewski, senior security advisor at Sophos.

He said, "Similar to spam messages that have corrected their grammar and use correct imagery and CSS, the attackers selling fake anti-virus are getting more professional."

"They use high quality graphics and are using information from our UserAgent strings that are sent by the browser to customize your malware experience."

This type of scareware, generally asking you to buy a fake security product to make your computer 'safe', has plagued computer users in the recent past.

Last month saw an explosion in this fake anti-virus phishing attacks hitting Mac users, while many Windows users are used to encountering these type of attacks, with some of them advanced enough to hold your files hostage unless you're willing to pay up. µ

Tags: Security

Is not this what have happened with windows anyway that you get redirected to a faulty updatesite if you get infected during an update or before. Ive got infected almost every time during 2 year period and I reinstall a lot, microsoft is just pathetic and dont take responsibility to provide knowledge and tools for a user. You might think I didnt have firewall or antivirus - I did ..everytime...MS cant protect you for shit during the patching-process and you end up infected

posted by : sdhilsdfjklsdf, 10 June 2011 Complain about this comment

So the criminal's hopefully fatal mistake

is that if you really were looking at the Microsoft / Windows Update page in FireFox, it would not be working, but telling you to "upgrade" your web browser.

However, maybe it could also impersonate the desktop Windows Update program.

Apart from that little slip, if these fellows are so much on the ball, maybe they will be ready to release a Windows 8 version before Microsoft itself releases Windows 8 - I look forward to hearing about that.

posted by : Robert Carnegie, 09 June 2011 Complain about this comment

INQ White papers

Databases

Network management

Security

Service oriented architecture

Storage

INQ Jobs

Senior SharePoint/ MOSS 20

Senior SharePoint/ MOSS 200...

INQ Poll

Facebook starts selling shares

Will you buy Facebook shares?

Yes, it's a great investment

Yes, I want to frame a share certificate

No, it's overpriced

No, I'm not stupid

What, Facebook sold shares? I thought it was free

View other polls

© Incisive Media Investments Limited 2012, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093

SEARCH :

Site Credentials:

Business & Technology websites:

Business research resources:

Products:

Investment Market IT websites:

Find out what you are worth:

Salary Calculator

Search for a job:

Recruitment Agency A-Z Directory

Accreditations:

Digital Publisher of the Year 2010

Firefox malware disguises itself as a Microsoft update

Share this:

Paypal high street mobile payments app hands-on [Video]

London Olympics: Westfield Stratford prepares for visitor deluge with tech innovation [Video]