Malicious warez site offers Firefox 4.0 beta download scam

less than 1 minute read

Like a lot of seedy stuff, this started with a Twitter post:.

Firefox_20crack_twitter

The current working version of Mozilla’s Firefox browser is 3.6.8. Version 4 is in beta testing. You get them FREE from Mozilla..

Real_20Firefox

Why would you need a crack (program with its password broken) or a keygen (application that generates a password for a password-protected program) for something that is FREE?

Well, there’s a sucker born every minute and the folks at this warez (pirated software) site are betting there are a lot of them using Twitter.

Anybody who was unwise enough to bite on this, (if they were running a trusted Antivirus) would see this when they hit the download button for the crack or the keygen:

FF_20Crack

The crack and keygen were infected with a Trojan downloader VirTool.Win32.Obfuscator.hg!b (v). That’s the Sunbelt detection for an old standard commonly known as “2GCash-FakeCrackSerial.”

Clicking the button to downloading Firefox 4.0 takes the potential victim to another site:

FF_204_0_20download

That one offers a whole nest of things to download that are infected with:

FraudTool.Win32.FakeVimes
Trojan-Downloader.Win32.CodecPack.2GCash.Gen
Trojan.DNSChanger.Gen
Virus.Win32.Parite
TrojanDownloader-Win32/FakeRean

Leave a comment