Here is a website hosting the firefox-patch.js malware file
Here is a website (or maybe the only site) hosting the "firefox-patch.js" malware file. It is coming up through "adchoices" adverts but is coming up on many random webpages like Yahoo Mail, eBay and others. Here's the website...
https://uxeezdirecta.org/2021220068217/2c007c89cc3bee49145b5847049b955d.html
I wish you could "fix" firefox so that some malicious website can't try to automatically try to download files onto our PC's. We don't even have to click on anything on the webpage and a webpage comes up saying "Your FireFox needs to be updated." And we're asked to save and run the "firefox-patch.js" file. As far as I know this attack isn't possible with Chrome. Why can they exploit FireFox but not Chrome?
所有回复 (2)
Yes, Chrome is affected by that potential exploit.
To block it in Firefox use the uBlock Origin extension. https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/
Swim222 said
As far as I know this attack isn't possible with Chrome. Why can they exploit FireFox but not Chrome?
The same group or persons is doing this to Google Chrome users on Windows also with the same sites being used but with a different background and files being served. One of many threads on this for Chrome is at https://productforums.google.com/forum/#!topic/chrome/HcXgFFaO9WU