We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

kovter virus

  • 2 replies
  • 1 has this problem
  • 1 view
  • Last reply by James

more options

I received a notice showing the Firefox logo, and presented as a new patch requirement, for immediate install. the file downloaded onto my desktop, and then no longer existed even without me deleting it. I immediately conducted a search to see if I could find any info for the patch, and I did see a Firefox update for 6/28/2016, but not as a patch. I began to run scans, and did identify that the file came from baehaoolroo.net, or so it appeared to. My maleware scan showed three trojan files that were installed on 6/28, and I believe that they were installed through a fake Firefox patch. This may be a critical item, or I may not be fully informed, but the Microsoft scan found Koverter!rfn, and the malwarebytes scan found three file less trojans. I hope this helps, please advise should you have additional info.

I received a notice showing the Firefox logo, and presented as a new patch requirement, for immediate install. the file downloaded onto my desktop, and then no longer existed even without me deleting it. I immediately conducted a search to see if I could find any info for the patch, and I did see a Firefox update for 6/28/2016, but not as a patch. I began to run scans, and did identify that the file came from baehaoolroo.net, or so it appeared to. My maleware scan showed three trojan files that were installed on 6/28, and I believe that they were installed through a fake Firefox patch. This may be a critical item, or I may not be fully informed, but the Microsoft scan found Koverter!rfn, and the malwarebytes scan found three file less trojans. I hope this helps, please advise should you have additional info.

All Replies (2)

more options

No it is not legit. The fake updates exe can install things like trojans, viruses or unwanted software based on past reports.

The desktop Firefox is not just for Windows as it is for Mac OSX and Linux also so .exe would not be an effective way to send out Firefox updates. The updates are done internally in Firefox (with a .mar file) during automatic and check for updates or by download from mozilla.org like say www.mozilla.org/firefox/all/

Even if Mozilla were to use .exe for Firefox updates on Windows, they would be serving them from a *.mozilla.org url and not from random websites with weird names.

There is actually a 47.0.1 update today https://www.mozilla.org/firefox/47.0.1/releasenotes/ however it is not a automatic update and will be for those who manually check for updates in Help or by download at mozilla.org

Modified by James

more options

Report this as "distributing modified Firefox/malware" at https://www.mozilla.org/legal/fraud-report/ (url is at bottom of many mozilla.org sites) and Google may block if reported enough at https://www.google.com/safebrowsing/report_phish/ which can be accessed by Help > Report Web Forgery in Firefox.