Firefox hacked... who else?..

silverdragon
Demi-God

Busters Stunt Double, .. because "Life" is something that happens when your planning something else.

Posts: 19,452

Firefox hacked... who else?.. May 3, 2013 8:43:45 GMT

Quote

Post by silverdragon on May 3, 2013 8:43:45 GMT

I posted this elsewhere, but it should also go here?....

Dear Hackers....
We are On to You...............

www.bbc.co.uk/news/technology-22372027

If you have got Firefox, ESPECIALLY Mobile versions, under win-8 platforms, check task manager for dotnetchk.exe....
If you have that, suspend it immediately.
Google removal instructions for it.
At the moment its an "Advanced" removal, we are hoping a more user friendly removal tool can be released soon....

Gamma, the people who make this thing, "Claim" that its being sold to Governments and law enforcement agencies to aid them in tracking Criminals.....

Well, now its out in the open, you had better think again.
WE DONT BELIEVE YOU.

Mozilla/Firefox have sent a cease-and-desist notice to Gamma, to legally request they stop hacking Firefox.

At this time I am not fully aware of its full extent.....
(I dont know everything)

Read more: citadelofmyths.freeforums.net/index.cgi?action=display&board=talk&thread=135&page=22#ixzz2SDWlKOOK

I am hearing that it MAY have spread to Internet Exploder........
And Chrome......

I am hearing its MOSTLY Mobile platforms......

I am not sure and cannot verify those sources.

This is just a heads up and be aware warning.... if anyone knows any better, please feel free to add to this.

Last Edit: May 3, 2013 8:44:36 GMT by silverdragon

-x-clacks-GNU Terry Pratchett----Release the Clan Mac Feegle, awae hame ye scunners.[p]Most of my Job is avoiding Stupid. ...You cant Fix Stupid. Especially when you turn Left at Hammerhead.

privatepaddy Senior Member Posts: 936	Firefox hacked... who else?.. May 3, 2013 11:24:55 GMT Quote Select Post Deselect Post Link to Post Member Give Gift Back to Top Post by privatepaddy on May 3, 2013 11:24:55 GMT Thanks SD, checked mine but apparently I am not interesting enough to track ;D
	To boldly go where everyone else has gone before

Antigone68104
Senior Member

Posts: 878

Firefox hacked... who else?.. May 4, 2013 23:06:36 GMT

Quote

Post by Antigone68104 on May 4, 2013 23:06:36 GMT

I don't know if "hacked" is the right term -- from the BBC article, it sounds like Gamma is simply lying to users to get their program installed.

Here's another article: www.wired.com/wiredenterprise/2013/04/finfisher-firefox/

silverdragon
Demi-God

Busters Stunt Double, .. because "Life" is something that happens when your planning something else.

Posts: 19,452

Firefox hacked... who else?.. May 5, 2013 7:26:14 GMT

Quote

Post by silverdragon on May 5, 2013 7:26:14 GMT

“What’s interesting in this specific case is we have something which is malware, doing what malware does, but it’s a commercial company that’s selling it,” he says. “So that’s where it gets interesting. You can actually say, ‘Hey can you guys knock it off.’”

What we have here is a program that masquerades as another legitimate program[/i] and in that, it is actual spyware, malware, and against the whole idea of running anti-malware.

In "My other life", I spend hours a week working to find, oust, and detect such malware.
It IS malware.
I do not care for the legitimacy of law enforcement agencies use of the product....
Its against Mozilla's wishes that their name should be used to promote such malware.
It IS malware.......
It is NOT wanted by the end user.
Nor is it what the makers of Mozilla and Firefox want to be involved with.

Moral dilemma....
If this product is being used to track terrorists, should I object?...

YES.

Reason?... I work free as a volunteer for Mozilla.
I beta test products, I try to break them, to make sure no one else can, so that they are dependable and safe in the outside world.
The people who own Mozilla have no say in how their product is being "Used"......
Just who is accountable for who its being used against?...
If this product is being used against say the rebels in a well known middle east country who are trying to depose a tyrant, and the despot who runs the country is using it to track them........

Mozilla has no interest in that type of business,
Mozilla is NOT a law enforcement agency.
Other than it moral rights to report such offences that are illegal.

Since I knew, hacking someone elses product WAS illegal?....

Now this story is out in the open, Mozilla will not be used by criminals anyway.....

Last Edit: May 5, 2013 7:29:29 GMT by silverdragon

-x-clacks-GNU Terry Pratchett----Release the Clan Mac Feegle, awae hame ye scunners.[p]Most of my Job is avoiding Stupid. ...You cant Fix Stupid. Especially when you turn Left at Hammerhead.

OziRiS Evil Senior Member with far too much time on their hands. Minion Keeper of the Hyneman's party wigs Posts: 8,958	Firefox hacked... who else?.. May 5, 2013 21:05:04 GMT Quote Select Post Deselect Post Link to Post Member Give Gift Back to Top Post by OziRiS on May 5, 2013 21:05:04 GMT I use Firefox on both my PC and my phone. I've already checked the PC and (thankfully) found nothing. Know how to check the phone too? It's a Samsung Galaxy S2, running Android v. 4.1.2.
	Knowledge is knowing a tomato is a fruit, but wisdom is not putting it in a fruit salad.

watcher56
Full Member

Posts: 288

Firefox hacked... who else?.. May 6, 2013 1:41:59 GMT

Quote

Post by watcher56 on May 6, 2013 1:41:59 GMT

As I understand it, there is nothing in or attached to Firefox the browser that is malware. Gamma simply named their executable file in a way to make it look like it was part of firefox. It would be no different then me creating some malware and naming the executable firefox_watcher.exe. There is no need to check your firefox installation, and you are not at any added risk if you are using FF.

arstechnica.com/information-technology/2013/05/spyware-used-by-governments-poses-as-firefox-and-mozilla-is-angry/

Last Edit: May 6, 2013 1:46:16 GMT by watcher56

silverdragon
Demi-God

Busters Stunt Double, .. because "Life" is something that happens when your planning something else.

Posts: 19,452

Firefox hacked... who else?.. May 6, 2013 8:12:01 GMT

Quote

Post by silverdragon on May 6, 2013 8:12:01 GMT

2. For an expert user who examines the underlying code of the installed spyware, Gamma includes verbatim the assembly manifest from Firefox software.

This is the reason we are worried.
Just HOW to distinguish it from Mozilla's own software... which is Free... its open source, ANYONE can use it, anyone can update it, that is the way it was designed....

If the trend is now to use it for "Spyware", this could be the end of open source software.

This is a trial of just how much can be done to prevent "Abuse" of open source software.

So far, we are not sure of how it is operating....
Note, this may change as as I am actually typing this?....
Does it replace the existing Firefox, or would you have two instances of Firefox running at the same time....
It is suspected that two programs with the name Firefox would be running.

In the above quite it mentions "Expert user", I suppose I class myself as one of them...
On my second screen, I have a version of Process explorer (Sysinterals.com) that tells me what is running.
I use this because it also tells me HOW its running... that way I can tell, by CPU use, if a batch of photographs I am running through a batch convert has finished yet, or if a Video has finished swapping from drive to drive (Hard drive cam-corder)....
But I would see two instances of Firefox and immediately investigate?....

But if anyone else out there had TWO instances of firefox, would you, 1) notice, 2) do anything about it?...

The main concern now is how "Wild" has this got, who else has done similar, how many clumsy clones are there, and who is using Firefox as a name to commercially "Spy" on unsuspecting users...

-x-clacks-GNU Terry Pratchett----Release the Clan Mac Feegle, awae hame ye scunners.[p]Most of my Job is avoiding Stupid. ...You cant Fix Stupid. Especially when you turn Left at Hammerhead.

Firefox hacked... who else?..

Post by silverdragon on May 3, 2013 8:43:45 GMT

Post by privatepaddy on May 3, 2013 11:24:55 GMT

Post by Antigone68104 on May 4, 2013 23:06:36 GMT

Post by silverdragon on May 5, 2013 7:26:14 GMT

Post by OziRiS on May 5, 2013 21:05:04 GMT

Post by watcher56 on May 6, 2013 1:41:59 GMT

Post by silverdragon on May 6, 2013 8:12:01 GMT