With the MacDefender scare-ware infecting so many Macs, which many previously considered very secure, it is easy to forget where the main malware problems is. Well, there is a new scare-ware for Windows which is tricking users into installing a fake anti-virus by using Firefox.
This is how the new Firefox scare-ware works:
- User visits a website hosting the scare-ware.
- It detects the browser and the operating system which the user is using through user-string of the browser.
- If the use is using Firefox on Windows, it displays a page which fakes a Firefox warning about malwares present in the user's computer.
- The fake Firefox warning "advises" unsuspecting users to click on a button to remove the malware.
- Clicking on the button, downloads and installs a fake anti-virus programs which will continue to detect malwares in the user's computer.
- To remove the malwares, the fake anti-virus requires uses to register the software for a fee of $80.
If you see something like this in Firefox, the best thing to do is to close that tab and scan your system using a legit anti-virus to scan your system. (You can take a look at Kaspersky Internet Security we have at our store.) Firefox cannot warn users of malwares as it does not have a built-in virus scanner.
Using the user-agent is nothing new - it is widely used to serve different web pages to say, desktop browsers and mobile browsers. This however means that the malware creators are getting smarter at trying to trick unsuspecting users into paying them money to fix a non-existent problem.
Such problems, including the recent MacDefender malware, reinforces the widely considered belief that the weakest link in the computer security is the user. So much advances have been made both at the browser and OS level to make them more secure. But, the easiest target still remains the unsuspecting users.