Today while checking my email on wowway.net, a new tab popped and warned me that a new Firefox security updated urgently needed to be installed, and a dialog box came up prompting me to install or save the file firefox-patch.exe.
Firefox does not issue updates through a .exe file, since it is used with other various operating systems.
Upon executing the file, ransomware or a trojan likely would have been installed. Apparently this was a phishing re-direct generated from one of wowway.net advertisers.
Just wanted to warn others of this phishing attempt - I have since installed AdBlock Plus to prevent this from happening again.
firefox-patch.exe
Moderator: Wiz Feinberg
-
Jeff Garden
- Posts: 3655
- Joined: 21 Aug 2003 12:01 am
- Location: Center Sandwich, New Hampshire, USA
-
John Booth
- Posts: 2045
- Joined: 25 Oct 2014 9:17 am
- Location: Columbus Ohio, USA
-
Wiz Feinberg
- Posts: 6113
- Joined: 8 Jan 1999 1:01 am
- Location: Mid-Michigan, USA
Ransomware is huge right now! Criminals are using every trick in the book to fool people into installing this crap, then bribing them into paying an extortion fee to gain the decryption key. Blame the Russians for this type of malware. Most of it will not install or encrypt on computers with Russian, or Ukrainian keyboards. In fact, the latest version of Jigsaw Ransomware even checks the victim's location and avoids installing if they are in any of the FSU countries.
If any of our members have the misfortune to acquire ransomware, check with the Malwarebytes and Bleeping Computers forums for help. There are several decryption tools available that just might decrypt your files for free, after removing the infection and its support files and Registry entries.
For instance, Trend Micro offers a ransomware decryption tool, which is updated regularly. Mind you, if you are a paid up Trend Micro Internet security user, your PC probably wouldn't become infected in the first place, unless you purposely ignore the warnings.
If any of our members have the misfortune to acquire ransomware, check with the Malwarebytes and Bleeping Computers forums for help. There are several decryption tools available that just might decrypt your files for free, after removing the infection and its support files and Registry entries.
For instance, Trend Micro offers a ransomware decryption tool, which is updated regularly. Mind you, if you are a paid up Trend Micro Internet security user, your PC probably wouldn't become infected in the first place, unless you purposely ignore the warnings.
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog
-
Jeff Garden
- Posts: 3655
- Joined: 21 Aug 2003 12:01 am
- Location: Center Sandwich, New Hampshire, USA
Ransomware Question for Wiz
On a related topic, Wiz, I was hit by a ransomware virus about a year ago. All of my files were locked up and ultimately I thought it was more economical to (with the help of a Dell tech) wipe my computer clean and start over again with factory settings.
My question is I think at the time that I contracted the virus I had an external drive with saved files on it connected to the PC. I haven't dared try to connect it to my now "clean computer" to see if I can recover those files for fear of possibly infecting everything new I've saved over the past year. Any thoughts? Thanks in advance...
My question is I think at the time that I contracted the virus I had an external drive with saved files on it connected to the PC. I haven't dared try to connect it to my now "clean computer" to see if I can recover those files for fear of possibly infecting everything new I've saved over the past year. Any thoughts? Thanks in advance...
-
Clyde Mattocks
- Posts: 3042
- Joined: 26 May 2005 12:01 am
- Location: Kinston, North Carolina, USA