Category Archives: Firefox

Malicious adware’s latest trick is replacing your whole browser

Just recently, infosec celebrity Swift on Security pointed out a new piece of adware called the “eFast Browser.” It does the kind of malicious crap that we’ve all seen quite often over the years: throwing pop-up and pop-under ads on your screen, putting other ads into your web pages, pushing you towards other websites with more malware, and (of course) tracking your movements on the web so that nefarious marketers can send more crap your way.

But what’s nefariously intriguing about this software is that it isn’t trying to hijack your current browser, it’s straight-up replacing it. As reported by Malwarebytes, eFast tries to delete Chrome and take its place, hijacking as many link and file associations as it can. Its icon and window looks a lot like Chrome’s and it’s based on the open source Chromium project in the first place, so it acts a lot like Chrome too. The software comes from a company calling itself Clara Labs, which is actually behind a slew of similar browsers with names like BoBrowser, Tortuga, and Unico.

Chrome really lead the way to the new paradigm of how to do extensibility correctly. Firefox/Edge is almost literally working on copying it.

— SecuriTay (@SwiftOnSecurity) October 16, 2015

The weird thing about this software is that it’s actually kind of good news, security wise. As Swift on Security points out, it’s easier for malware to just try to replace your browser than it is to infect it. That’s because Chrome moved toward locking down extensions by requiring that they come through Google’s web store (and thereby Google’s code review and code signing). Mozilla’s Firefox and Microsoft’s Edge browsers are moving in the same direction. So while replacing your whole browser isn’t totally new for malware, the fact that it’s the best vector for attack now might be.

According to PCrisk, eFast and its ilk try to get on your computer by burrowing themselves into the installers for free software from dubious sources on the web. It should be relatively easy to avoid installing it and, fortunately, should also be relatively easy to uninstall if you’ve found it on your computer.

Facebooktwittergoogle_plusredditpinterestlinkedinmail

Firefox private browsing test keeps more of your data off-limits

Numerous browsers have a private mode to prevent local users from learning too much about your web habits, but what about preventing the sites themselves from tracking what you’re doing? Mozilla thinks it can help. It just released a pre-beta version of Firefox whose updated, experimental Private Browsing mode blocks web elements that could track your behavior, such as analytic tools and social network services. While the measure could break some sites, Mozilla reckons that it’s ultimately better to keep you off sites’ radars by default. If you do run into problems, there’s a central control area where you can tweak your privacy and security settings.

That isn’t the only test underway. The pre-beta also enforces add-on verification by default, so that social plugin you downloaded shouldn’t add unwanted toolbars, inject ads or collect more data than it should. Like with Chrome, you can turn off this filter if you’re willing to throw caution to the wind. If you just have to try either of these features right away, you’ll want to grab this early Firefox build now — it’s going to be a while before they make their way into a finished version.

 

Source: Mozilla

Facebooktwittergoogle_plusredditpinterestlinkedinmail