Recent versions of Firefox have been taking a more proactive approach to keeping Adobe Flash secure by checking the version of Flash installed and informing users that they need to upgrade Flash to a newer version if it is outdated. Simple enough. Perhaps too simple.

Now the makers of the familiar fake Windows Security Alert con and the bogus Anti-Virus malware have begun to craft webpages that look identical to the page that appears after users have started a freshly-upgraded version of Firefox, except they now have to upgrade Adobe Flash. It doesn’t require the user to click on a download link; it tries to start a download immediately upon page load.

Naturally users will download the legitimate looking executable and run it upon completion. In all, it is a very convincing tactic with a pretty flawlessly executed plan besides the URL being not that of a Mozilla Firefox owned domain. Of course, it isn’t a newer version of Flash. It’s the good ‘ol rogue AV that has been creeping into every corner of the web by any means possible, doing all the nasty things it always does. Security vendors are already aware of the threat and rolling out definition updates to detect and thwart this attack.

More on it over at F-Secure with screenshots

“Be careful when you fight the monsters, lest you become one.” -Friedrich Nietzsche

The developers of popular Mozilla extension AdBlock Plus had been receiving bug reports of “issues” with another popular extension, NoScript, after an update was issued by the developer of the script-blocking software. The AdBlock Plus developers decided to take a look into what was wrong and found something extremely disturbing. The 1.9.2 update of NoScript had incorporated an obfuscated piece of code that actually made changes to AdBlock Plus to allow for ads on the NoScipt and related sites to be shown. In otherwords, it does what a viruses and other malware does to antivirus software only in reverse; instead of blocking access to update sites, it forced AdBlock Plus to allow ads to be shown for the developer’s site explicitly. This most likely would have flown under the radar had it not completely broken Adblock Plus and get caught doing unethical things to other software for self-interest. The issue snowballed when the issue made it to Reddit and caused an outrage amongst faithful users of both extensions. To make things worse, the developer only slightly backtracked; allowing the user to allow or disallow the code modification upon installation of NoScript. The developer eventually removed the code completely in version 1.9.2.6, but not without severely impacting user opinion of the software and spurring discussion of a policy change regarding Mozilla Extensions.

More after the jump.

http://adblockplus.org/blog/attention-noscript-users