We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Hackers use fake Firefox update to spread toolbar

Hotbar app successor to Zango spyware toolbar

A security firm is urging web users to be wary of fake Firefox updates that instead install a toolbar, which is the successor to the notorious Zango spyware toolbar.

Security vendor eSoft said in a warning that the reprised Hotbar app, run as of May last year by a new entity called Pinball Corp, is being fed to users via a fake but convincing Firefox update page.

The update page - which users would come to through a search engine for the latest updates - looks identical to the genuine page in everything bar the version it is claiming to offer (3.5 where the most recent is 3.6) and some misspelling.

Windows users fooled into downloading and installing from the fake page will actually be getting a toolbar app that also hits the user with pop-up ads and a weather application in the system tray.

According to eSoft, the software is actually being fed without the direct knowledge of its creators, Pinball, which will likely be paying a third-party affiliate for every install.

As with the distribution of the original Zango Toolbar, how that install gets on to a user's PC is not their business.

Zango disappeared last April after several years in which it was accused of sneaking spyware on to users' PC without their consent, invariably by paying third parties to do the dirty work.

In 2006, it was fined $3m by the US Federal Trade Commission (FTC) for its actions.

It should be pointed out that what is at fault here is not the new toolbar app per se, but the way it is being distributed by a separate entity and installed under false pretences.

As ever, an application becomes legitimate if the user consents to its installation having had the proposition explained in an accurate way, but that is certainly not happening in this instance.

The genuine install site for Firefox updates can be found here.

Techworld

See also: 'Sleazy' Zango under fire for adware


IDG UK Sites

Very best Black Friday 2014 tech deals UK: Latest bargains on phones, tablets, laptops and more...

IDG UK Sites

Black Friday feeding frenzy infects the UK

IDG UK Sites

VAT MOSS: Will I be affected by the EU VAT changes? Here are the facts for designers and artists

IDG UK Sites

Black Friday 2014 UK: Apple deals, Amazon deals & Black Friday tech offers