“It’s important to note that the spyware does not affect Firefox itself,” said Alex Fowler, head of Mozilla’s Privacy & Public Policy.
With help from Citizen Labs, Mozilla has determined that Gamma International’s spyware is misleading users to think they are installing Mozilla’s popular open source browser Firefox. After discovering the spyware Mozilla has sent a cease and desist letter to Gamma International “demanding that these illegal practices stop immediately.”
Fowler stated that anyone who examines the spyware will find several Firefox and Mozilla markers that would mislead an unsuspecting user.
- When a user examines the installed spyware on his/her machine by viewing its properties, Gamma misrepresents its program as “Firefox.exe” and includes the properties associated with Firefox along with a version number and copyright and trademark claims attributed to “Firefox and Mozilla Developers.”
- For an expert user who examines the underlying code of the installed spyware, Gamma includes verbatim the assembly manifest from Firefox software.
Citizen Labs report covered FinFisher, which is malware that targets commercial networks. The particular spyware that has targeted Firefox is FinSpy. “We identify instances where FinSpy makes use of Mozilla’s Trademark and Code. The latest Malay-language sample masquerades as Mozilla Firefox in both file properties and in manifest.” The report stated, “This behavior is similar to samples discussed in some of our previous reports, including a demo copy of the product, and samples targeting Bahraini activists.”
In 2012 Mozilla was named the “Most Trusted Internet Company for Privacy” by the Ponemon Institute.
You can read Citizen Labs full report here.
*The Daily Widget would like to remind all of our readers that you should be careful when downloading any software, and should only download software from its content publisher. So please only download Firefox from Mozilla.org.