Attack site locks Firefox 31.0 to extort money
Using release 31.0 on Mavericks OS.
I was somehow attacked and it took me to here: DO NOT OPEN THIS URL: alert24world4xi.us which locks up the Firefox browser (can't close, can't navigate away.) I forced a close only to discover when I relaunched FF I was right back at the attack site and unable to exit.
It is a fake NSA warning that demands money
I had to trash FF and reinstall.
Thanks good people! Another FF security pot hole to fill.
{
"application": { "name": "Firefox", "version": "31.0", "userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:31.0) Gecko/20100101 Firefox/31.0", "supportURL": "https://support.mozilla.org/1/firefox/31.0/Darwin/en-US/" }, "crashes": { "submitted": [], "pending": 0 }, "modifiedPreferences": { "accessibility.typeaheadfind.flashBar": 0, "browser.cache.disk.capacity": 358400, "browser.cache.disk.smart_size.first_run": false, "browser.cache.frecency_experiment": 4, "browser.cache.disk.smart_size.use_old_max": false, "browser.cache.disk.smart_size_cached_value": 358400, "browser.places.smartBookmarksVersion": 7, "browser.search.useDBForOrder": true, "browser.sessionstore.upgradeBackup.latestBuildID": "20140716183446", "browser.startup.homepage_override.mstone": "31.0", "browser.startup.homepage": "about:home", "browser.startup.homepage_override.buildID": "20140716183446", "browser.tabs.drawInTitlebar": false, "dom.w3c_touch_events.expose": false, "dom.mozApps.used": true, "extensions.lastAppVersion": "31.0", "gfx.blacklist.direct2d": 3, "gfx.blacklist.layers.direct3d9": 3, "keyword.URL": "http://search.yahoo.com/search?fr=spigot-adr-ffmac&ei=utf-8&ilc=12&type=576859&p=", "network.cookie.prefsMigrated": true, "network.cookie.cookieBehavior": 3, "places.history.expiration.transient_current_max_pages": 104858, "places.database.lastMaintenance": 1407802141, "places.history.expiration.transient_optimal_database_size": 167772160, "plugin.state.default browser": 0, "plugin.importedState": true, "plugin.disable_full_page_plugin_for_types": "application/pdf", "privacy.sanitize.timeSpan": 0, "privacy.popups.showBrowserMessage": false, "privacy.donottrackheader.enabled": true, "privacy.sanitize.migrateFx3Prefs": true, "security.warn_viewing_mixed": false, "storage.vacuum.last.places.sqlite": 1406956416, "storage.vacuum.last.index": 1 }, "graphics": { "numTotalWindows": 2, "numAcceleratedWindows": 2, "windowLayerManagerType": "OpenGL", "windowLayerManagerRemote": true, "adapterDescription": "", "adapterVendorID": "0x1002", "adapterDeviceID": "0x6741", "adapterRAM": "", "adapterDrivers": "", "driverVersion": "", "driverDate": "", "webglRenderer": "ATI Technologies Inc. -- ATI Radeon HD 6750M OpenGL Engine", "info": { "AzureCanvasBackend": "quartz", "AzureSkiaAccelerated": 0, "AzureFallbackCanvasBackend": "none", "AzureContentBackend": "quartz" } }, "javaScript": { "incrementalGCEnabled": true }, "accessibility": { "isActive": false, "forceDisabled": 0 }, "libraryVersions": { "NSPR": { "minVersion": "4.10.6", "version": "4.10.6" }, "NSS": { "minVersion": "3.16.2 Basic ECC", "version": "3.16.2 Basic ECC" }, "NSSUTIL": { "minVersion": "3.16.2", "version": "3.16.2" }, "NSSSSL": { "minVersion": "3.16.2 Basic ECC", "version": "3.16.2 Basic ECC" }, "NSSSMIME": { "minVersion": "3.16.2 Basic ECC", "version": "3.16.2 Basic ECC" } }, "userJS": { "exists": false }, "extensions": [ { "name": "Craigslist Peek", "version": "0.544", "isActive": true, "id": "craigslistpeek@tech4computer" }, { "name": "DownloadHelper", "version": "4.9.23", "isActive": true, "id": "{b9db16a4-6edc-47ec-a1f4-b86292ed211d}" }, { "name": "Troubleshooter", "version": "1.1a", "isActive": true, "id": "[email protected]" }, { "name": "Adobe Acrobat - Create PDF", "version": "1.2", "isActive": false, "id": "[email protected]" }, { "name": "Adobe Contribute Toolbar", "version": "6.0", "isActive": false, "id": "{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}" }, { "name": "Craigslist Fusion", "version": "9.9.22", "isActive": false, "id": "[email protected]" } ], "experiments": []
}
TAB
Zmodyfikowany przez cor-el w dniu
Wszystkie odpowiedzi (1)
The hole has been filled;
disallow Script Button {web link} The Disallow Script button looks like a letter "M" and the title is the Minus Script, drag and drop the button on a toolbar. If the button is not displayed then nothing operates, except rules for plugins.