kovter virus
I received a notice showing the Firefox logo, and presented as a new patch requirement, for immediate install. the file downloaded onto my desktop, and then no longer existed even without me deleting it. I immediately conducted a search to see if I could find any info for the patch, and I did see a Firefox update for 6/28/2016, but not as a patch. I began to run scans, and did identify that the file came from baehaoolroo.net, or so it appeared to. My maleware scan showed three trojan files that were installed on 6/28, and I believe that they were installed through a fake Firefox patch. This may be a critical item, or I may not be fully informed, but the Microsoft scan found Koverter!rfn, and the malwarebytes scan found three file less trojans. I hope this helps, please advise should you have additional info.
All Replies (2)
No it is not legit. The fake updates exe can install things like trojans, viruses or unwanted software based on past reports.
The desktop Firefox is not just for Windows as it is for Mac OSX and Linux also so .exe would not be an effective way to send out Firefox updates. The updates are done internally in Firefox (with a .mar file) during automatic and check for updates or by download from mozilla.org like say www.mozilla.org/firefox/all/
Even if Mozilla were to use .exe for Firefox updates on Windows, they would be serving them from a *.mozilla.org url and not from random websites with weird names.
There is actually a 47.0.1 update today https://www.mozilla.org/firefox/47.0.1/releasenotes/ however it is not a automatic update and will be for those who manually check for updates in Help or by download at mozilla.org
Modified
Report this as "distributing modified Firefox/malware" at https://www.mozilla.org/legal/fraud-report/ (url is at bottom of many mozilla.org sites) and Google may block if reported enough at https://www.google.com/safebrowsing/report_phish/ which can be accessed by Help > Report Web Forgery in Firefox.