Fake Update Notice in Firefox

Author
JonD
Max Output Level: -39 dBFS
  • Total Posts : 3617
  • Joined: 2003/12/09 11:09:10
  • Location: East of Santa Monica
  • Status: offline
2017/03/14 09:35:54 (permalink)

If you're suddenly redirected in Firefox to an orange screen that says Critical or Urgent Update, don't click on it!  IT'S FAKE! (Malware).
 
https://support.mozilla.org/t5/Problems-with-add-ons-plugins-or/I-found-a-fake-Firefox-update/ta-p/37696
 
** Don't follow the instruction in the article to click "Cancel".  The page is coded by the malware writers so clicking anywhere on it is dangerous.  I'm frankly shocked that Mozilla would advise this.
 
Better to close the tab in Firefox, then open another tab and clear your cache/history.

SonarPlat/CWbBL, Win 10 Pro, i7 2600K, Asus P8Z68 Deluxe, 16GB DDR3, Radeon HD5450, TC Electronic Impact Twin, Kawai MP11 Piano, Event ALP Monitors, Beyerdynamic DT770 Pro, Too Many Plugins, My lucky hat.
#1

    azslow3
    Max Output Level: -42.5 dBFS
    • Total Posts : 3297
    • Joined: 2012/06/22 19:27:51
    • Location: Germany
    • Status: offline
    Re: Fake Update Notice in Firefox 2017/03/14 12:41:57 (permalink)
    JonD
    ** Don't follow the instruction in the article to click "Cancel".  The page is coded by the malware writers so clicking anywhere on it is dangerous.  I'm frankly shocked that Mozilla would advise this.

    I think in this particular case the dialog is "real", I mean it could appear after clicking on "Update now". In such a case "Cancel" or "X" are the same. But in general, since malware sometimes "imitates" system dialogs in a normal web pop-up, the advice is good.
     
    In practice, unless the version of the browser is old and has huge security holes or the settings are bad, at some point a real system dialog appears to ask you what to do with the downloaded file.
     
    Since we got such a problem at work (through e-mail) and that was an encrypter, I have analyzed how it works.
    That was really a JS file, randomly modified (and so not detected by antiviruses), which, using a JS API standard for Windows, was starting the PowerShell standard for Windows, disabling all future security checks (in a way standard for Windows, no hacks...), downloading the REAL virus from the internet and executing it... I repeat, no hacks, no exploits, everything legit. Is that not funny?  

    Sonar 8LE -> Platinum infinity, REAPER, Windows 10 pro
    GA-EP35-DS3L, E7500, 4GB, GTX 1050 Ti, 2x500GB
    RME Babyface Pro (M-Audio Audiophile Firewire/410, VS-20), Kawai CN43, TD-11, Roland A500S, Akai MPK Mini, Keystation Pro, etc.
    www.azslow.com - Control Surface Integration Platform for SONAR, ReaCWP, AOSC and other accessibility tools
    #2
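
The chain azslow3 describes (a script file that launches PowerShell with its safety checks turned off and then fetches a payload) leaves a recognisable process-creation trail. As an added example, not code from any poster in this thread, the Python below triages Sysmon-style process-creation records for that pattern; the assumption that the "standard JS API" is Windows Script Host (wscript.exe/cscript.exe), the field names and the sample events are all constructed for illustration.

```python
import re
from pathlib import PureWindowsPath

# Assumption: the script host in the post is Windows Script Host.
SCRIPT_HOSTS = {"wscript.exe", "cscript.exe"}
POWERSHELL = {"powershell.exe", "pwsh.exe"}

# Command-line traits: documented powershell.exe switches, or a remote URL.
TRAITS = {
    "policy_override": re.compile(r"-(?:ep|ex\w*)\s+(?:bypass|unrestricted)", re.I),
    "hidden_window": re.compile(r"-w(?:in\w*)?\s+hidden", re.I),
    "encoded_command": re.compile(r"\s-e(?:nc\w*)?\s+[A-Za-z0-9+/=]{16,}", re.I),
    "remote_url": re.compile(r"https?://", re.I),
}

def basename(path):
    """Lower-cased file name of a Windows path, on any host OS."""
    return PureWindowsPath(path).name.lower()

def assess(event):
    """Return (verdict, traits) for one process-creation record."""
    if basename(event["image"]) not in POWERSHELL:
        return "ignore", []
    traits = [n for n, rx in TRAITS.items() if rx.search(event["command_line"])]
    from_script_host = basename(event["parent_image"]) in SCRIPT_HOSTS
    if from_script_host:
        traits.insert(0, "script_host_parent")
    if from_script_host and len(traits) > 1:
        return "alert", traits      # script host started PowerShell with checks relaxed
    if from_script_host or len(traits) >= 2:
        return "review", traits     # unusual, but seen in some admin tooling
    return "ignore", traits

# Constructed sample records (not taken from a real incident).
SAMPLE_EVENTS = [
    {"parent_image": r"C:\Windows\System32\wscript.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "command_line": r"powershell.exe -NoProfile -ExecutionPolicy Bypass "
                     r"-WindowStyle Hidden -File C:\Users\u\AppData\Local\Temp\update.ps1"},
    {"parent_image": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "command_line": r"powershell.exe -File C:\Scripts\backup.ps1"},
    {"parent_image": r"C:\Windows\System32\cscript.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "command_line": "powershell.exe -Command Get-Date"},
    {"parent_image": r"C:\Windows\System32\wscript.exe",
     "image": r"C:\Windows\System32\notepad.exe",
     "command_line": r"notepad.exe C:\Users\u\notes.txt"},
]

if __name__ == "__main__":
    for ev in SAMPLE_EVENTS:
        print(assess(ev), basename(ev["parent_image"]), "->", basename(ev["image"]))
```

Because every step in the chain uses built-in Windows components, the parent/child relationship and the switches are the signal here, not a file signature.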
    JonD
    Re: Fake Update Notice in Firefox 2017/03/14 14:47:38 (permalink)
    azslow3
    JonD
    ** Don't follow the instruction in the article to click "Cancel".  The page is coded by the malware writers so clicking anywhere on it is dangerous.  I'm frankly shocked that Mozilla would advise this.


    I think in this particular case the dialog is "real", I mean it could appear after clicking on "Update now". In such a case "Cancel" or "X" are the same. But in general, since malware sometimes "imitates" system dialogs in a normal web pop-up, the advice is good.



    I know what you're saying, but you should probably clarify to the forum whose "advice is good" -- mine or mozilla's.

    #3
    pwalpwal
    Max Output Level: -43 dBFS
    • Total Posts : 3249
    • Joined: 2015/01/17 03:52:50
    • Status: offline
    Re: Fake Update Notice in Firefox 2017/03/14 15:04:55 (permalink)
    for firefox, use the noscript (blocks javascript until you whitelist the site, javascript being the biggest security issue on the web) and adblock (blocks ads until you whitelist them, preventing delivery of malware via ads as well as just blocking that invasive ****) add-ins, then just go right ahead and surf with confidence, maybe noticing along the way how much externally-linked stuff commercial sites have hidden away there...

    just a sec

    #4
    azslow3
    Re: Fake Update Notice in Firefox 2017/03/14 15:19:12 (permalink)
    JonD
    azslow3
    JonD
    ** Don't follow the instruction in the article to click "Cancel".  The page is coded by the malware writers so clicking anywhere on it is dangerous.  I'm frankly shocked that Mozilla would advise this.


    I think in this particular case the dialog is "real", I mean it could appear after clicking on "Update now". In such a case "Cancel" or "X" are the same. But in general, since malware sometimes "imitates" system dialogs in a normal web pop-up, the advice is good.



    I know what you're saying, but you should probably clarify to the forum whose "advice is good" -- mine or mozilla's.

    Your advice is definitively better

    #5
    BassDaddy
    Max Output Level: -33 dBFS
    • Total Posts : 4232
    • Joined: 2012/12/31 13:55:58
    • Location: I'm an American. From America!
    • Status: offline
    Re: Fake Update Notice in Firefox 2017/03/14 15:24:39 (permalink)
    Don't use Firefox but I am still grateful for posts like these. Thanks for letting us know about this.

    It's Bass, not Bass.
    i7 2700K, 16GB DDR3, 2 SSD sample drives and OS drive, HDD SATAIII for projects, 2 24" monitors
    Focusrite Saffire Pro 24, Focusrite VRM Box, LAVA Lamp, SONAR Platinum 64 bit, Mackie MCU and 1 MCU XT, Akai Advance 49, Windows 10,
    Komplete 9 Ultimate, Cakewalk, Toontrack, IK, AAS, XLN, UVI, Air Music Tech, Waves Factory, Sample Tek and Sonivox VSTi's. Overloud, T-Racks, Audio Damage, D16, Nomad Factory, Waves Gold FX 
    #6
    abacab
    Max Output Level: -30.5 dBFS
    • Total Posts : 4464
    • Joined: 2014/12/31 19:34:07
    • Status: offline
    Re: Fake Update Notice in Firefox 2017/03/21 19:56:09 (permalink)
    I got this notice a couple of months ago, and it looks real! 
     
    I had left the room for a few minutes while my Firefox browser was running with the active tab on my favorite commercial weather site showing current conditions.  This page refreshes to push new data every few minutes.
     
    When I walked back into the room I noticed that it had navigated to a new page.  All by itself.  Highly unusual behavior, so it was immediately suspect.  After looking it over, I hit the power off switch on my power supply.  Done!
     
    This weather website is on my whitelist of trusted websites to run scripts.  To support the website as a regular user, I had recently started allowing the site to display ads by whitelisting the site in my adblocker.
     
    Seems that was a mistake... no more ads!
     
    So then I researched this particular fake update and ran across the same info as the OP has linked above.
     
    Since this is a "malvertising" exploit, I can only assume that the website's 3rd party ad broker unknowingly cycled a "bad" display ad into my active web page on a refresh, which redirected the browser to the exploit page.  Hmm...

    DAW: CbB; Sonar Platinum, and others ... 
    #7
    pwalpwal
    Re: Fake Update Notice in Firefox 2017/03/21 20:13:36 (permalink)
    abacab
    This weather website is on my whitelist of trusted websites to run scripts.  To support the website as a regular user, I had recently started allowing the site to display ads by whitelisting the site in my adblocker.
     
    Seems that was a mistake... no more ads!

    this does happen quite a bit, eg, http://www.networkworld.com/article/3021113/security/forbes-malware-ad-blocker-advertisements.html
    be safe out there!

    #8
    abacab
    Re: Fake Update Notice in Firefox 2017/03/21 20:28:44 (permalink)
    pwalpwal
    abacab
    This weather website is on my whitelist of trusted websites to run scripts.  To support the website as a regular user, I had recently started allowing the site to display ads by whitelisting the site in my adblocker.
     
    Seems that was a mistake... no more ads!

    this does happen quite a bit, eg, http://www.networkworld.com/article/3021113/security/forbes-malware-ad-blocker-advertisements.html
    be safe out there!




    Right!  I have no problem with a site trying to stay in business and avoid a subscription paywall, by feeding me unobtrusive advertising.
     
    But I do draw the line at being fed malware-infected ads.  Seems that the advertising and publishing industries are killing their goose that laid a golden egg, if they don't step up and fix the problem.  Maybe start with a more effective screening process for their ads.
     
    Cases like Forbes show that the industry is still tone deaf to the real problem. "This problem is not with Forbes, it's their ad network's responsibility. Forbes is operating on trust that its ad providers are keeping their networks clean, and they clearly aren't if Forbes, DailyMotion, MSN, Yahoo, plus that bastion of clickbait, the Daily Mail, are all getting hit in a short period of time."
     
    They think most users are running ad blockers just to make the ads go away.  What this malvertising issue is doing is causing lots of folks to stop trusting ads, period.  Once that trust is broken, good luck getting it back!
     
    Just "trust us", they say!!!

    #9