If you needed another reason to install an ad-blocker on your web browser, read on.
Mozilla Firefox users are this week being urged to update to the latest version after an exploit was found being used in the wild which allowed the scooping up of files from users' computers via an ad without leaving a trace behind of the hack.
In a blog post, Mozilla said the ad, found on a Russian news website, was "serving up a Firefox exploit" which allowed code to be run on a user's computer to search files, which were then uploaded to a server in Ukraine. The exploit affects Windows and Linux users; Mac users weren't specifically targeted this time around, but the company warned Mac users "would not be immune" should a hacker decide to target them using the same vulnerability.
And the worst part is, if you're targeted you'll have no way of knowing, because the exploit leaves no trace it has been run on your computer.
If you're like the one million Australians who use ad-blocking software, however, you "may have been protected" from the malicious exploit depending on the type of software you use and the level of filtering, Mozilla has advised. The vulnerability relates to Firefox's PDF viewer, so products without a PDF viewer, such as Firefox for Android mobile devices, were not at risk, it said.
Mozilla is urging anyone using Firefox on Windows or Linux to install the latest Firefox — versions 39.0.3 for personal users and Firefox ESR 38.1.1 for enterprise — which include a patch for the vulnerability.
-- submitted from IRC
(Score: 5, Funny) by nyder on Tuesday August 11 2015, @02:35AM
They aren't stealing my files, they are just making copies of my files. I'm not missing any files this way, it's just the contents of the files they have also.
So please stop using stealing, as no one is being deprived of any property.
(Score: -1, Insightful) by Anonymous Coward on Tuesday August 11 2015, @02:38AM
That steamy erotic novel you've been writing looks valuable. I think I'll publish it before you do.
(Score: 0, Flamebait) by Anonymous Coward on Tuesday August 11 2015, @03:12AM
If somebody obtains a file from my computer without my permission, it's stealing. I don't care if it's just a copy, it's stealing.
(Score: 0) by Anonymous Coward on Tuesday August 11 2015, @07:49AM
I just stole your kernel32.dll
Do you still not care whether or not it was just a copy and you still have the original?
(Score: 1, Funny) by Anonymous Coward on Tuesday August 11 2015, @03:27AM
/me wonders why parent is modded +5 Funny
I don't detect the sarcasm or humor... It seems completely sincere to me? Maybe I'm broken.
(Score: 1) by drgibbon on Tuesday August 11 2015, @01:38PM
I didn't think it was intended to be funny either.
Certified Soylent Fresh!
(Score: 2) by tibman on Tuesday August 11 2015, @01:40PM
Here you go: https://www.youtube.com/watch?v=HmZm8vNHBSU [youtube.com]
SN won't survive on lurkers alone. Write comments.
(Score: 2) by maxwell demon on Tuesday August 11 2015, @07:44PM
https://www.youtube.com/watch?v=xuxO6CZptck [youtube.com]
The Tao of math: The numbers you can count are not the real numbers.
(Score: 0) by Anonymous Coward on Tuesday August 11 2015, @07:51AM
Big difference.
Most people probably don't have anything worth copying anyway (what's a savegame with two achievements worth nowadays?)
But they also don't have backups, so losing a file, that would be bad.
(Score: 3, Informative) by tibman on Tuesday August 11 2015, @01:42PM
Bitcoins may be a big one. They are only copied, yes. But once the copies are spent the originals are useless.
SN won't survive on lurkers alone. Write comments.
(Score: 1) by unzombied on Tuesday August 11 2015, @07:48PM
That's so funny I can hardly stand it. And it brings up a new point (to me): stealing, err, copying private files (whether "hackers" or TLAs) is not just an intrustion, but also a copyright violation.