Fake Mozilla Firefox 8 Update Email Leads to Malware

 Analysis by: Jude Bordallo

Trend Micro researchers recently received a mail notification that advertises the new Mozilla Firefox 8.0, purportedly from Mozilla Firefox. The mail goes on to describe the aforementioned version of Firefox as one optimized with Facebook features, such as profile viewers. It even insists that this version is recommended by Facebook, and users should click on the hyperlink in order to download their free upgrade. As expected of spam, the link redirects to a URL that leads to the malware TSPY_CARBERP.JG

Users are once more reminded to always be vigilant about suspicious messages and avoid clicking links inside these messages. Deleting messages right away if there is any doubt of their veracity should be adopted as a standard practice.

 SPAM BLOCKING DATE / TIME: November 23, 2011 GMT-8
  • ENGINE:6.8
  • PATTERN:8536