Today I was asked to update my video player due to an out dated version of Firefox.
This was a tip off that something nefarious was about to happen, as I have the latest version of FF.
There are more clues.
A huge full page pop under after visiting a page claimed my video player needed updating because my Firefox was out of date.
That is rather a stupid mistake, why update one because of the other?
The pop under url was about half a mile long and contained two web addresses not associated with Mozilla or any video players that I use.
The page looked like an official Mozilla bulletin, however Mozilla does not do that and the FF logo was backwards.
Blue on the bottom orange on top.
This is the url.
http://www.bvozo1y90j.com /6A445F3F404E38314571783373295B561AFB0521A460350CF5FA43A0C5E1F21BAD112B3F431355DEDEFFB79F5D7EDC58?pixel=1413809000529_1413808997775_112_590_11694859_1&tgu_src_lp_domain=ww.dlsofteclipse.com Notice the built in redirect? Notice the word "BAD"? Seriously why not just call it "harmlessupdatenotmalware" ?
Basically what will happen here is a folder will be created that allows a browser ad on to install silently that will allow malware to install itself , and then reinstall itself if it is removed.
Do not click on this pop under. Use ALT-F4 to kill the process while it is displayed. If you continue to get this pop under do a malware scan.
Reset Firefox via the " troubleshooting information " link in the Help tab.
I have not seen this on IE and I don't use Chrome or Opera so I do not know if the scam is on them.