RSS Alerts

Patrick Walsh

Job title:
CTO, eSoft

Areas of expertise:
Web threats, email threats, social networking, web filtering

Biography:
Patrick has over 10 years of experience in computer security and software development and holds a Bachelor of Science degree in Information and Computer Science from the University of California, Irvine. In addition to his entrepreneurial past, other past roles include software engineer, engineering manager, product manager, marketing manager.

Tag Cloud

blackhat seo Web Security malware spam Rogue AV virus WiFi compromised sites

Bloggers

Blog

Fake Firefox Update Pages Push Adware

Since its’ release on January 21st, the newest version of the Firefox web browser has received a great deal of attention. In just a short time it has achieved over 30 million downloads. Adware pushers are capitalizing on the success of Firefox, packing ad serving software in with the program in an effort to increase their reach.

Purveyors of spyware and adware will try to take advantage of well known programs, illegitimately bundling their software into the install of the popular software. These programs are also commonly referred to as Potentially Unwanted Programs (PUPs) whose content is not necessarily malicious, but is almost never wanted by the user. These types of software are often used to collect information about the user without the users’ knowledge or consent.

The latest example is found on the fake Firefox download site below.  The page is cleverly disguised with the appearance of a legitimate Firefox download site and could easily fool many users hoping to upgrade.



Taking a closer look reveals clues to the fraudulent page. While the page advertises version 3.5 the newest version is actually 3.6. There are also misspellings such as “Anti-Pishing” in the title of the security section.

Victims of this scam install the “Hotbar” toolbar by Pinball Corp, formerly Zango. Not only are users subject to the annoying toolbar, they're also barraged with pop-up ads and host to a new Hotbar weather application running in the system tray.



It should be noted that the owner of the fake Firefox site above is most likely not associated with Pinball Corp and only using its pay-per-install ad network for fast cash. Pay-per-install affiliate programs reward referring sites that generate installs of their programs, with Pinball paying as high as $1.45 per install.  

Always take caution installing any software and ensure the software is downloaded directly from the publisher whenever possible. Users looking to upgrade Firefox should go to the real download site at http://getfirefox.com.

Blocking the Spyware and Malicious Sites category protects eSoft SiteFilter customers from this site and others like it. 

Posted 03/02/2010 by Patrick Walsh

Tagged under: firefox , adware , web security

Comment on this blog

You must be registered and logged in to leave a comment about this blog.

Copyright © 2010
Elsevier Ltd. All rights reserved.
Terms & Conditions | Privacy | Website Design Working with water