Updating the Firefox from version 33.1 to 34.0.5 leads to critical browser hijacking.




3 years ago


(Reporter: niteshnddn, Unassigned)


34 Branch
Windows 8

Firefox Tracking Flags

(Not tracked)



(1 attachment)

205.50 KB, application/vnd.openxmlformats-officedocument.wordprocessingml.document


3 years ago
Created attachment 8545324 [details]

User Agent: Mozilla/5.0 (Windows NT 6.2; WOW64; rv:34.0) Gecko/20100101 Firefox/34.0
Build ID: 20141126041045

Steps to reproduce:

I was going good while I was using Mozilla web browser version 33.1 and all of a sudden I saw an update for Mozilla and updated the browser to version 34.0.5. After completing my update, I restarted my system as I always did.

Actual results:

After restarting my system, my system seemed to be acting slower than before. I thought it was kinda okay. But after 2 hours of update or so, I thought of checking my task manager as the system was really very slow by this time, and then I found out my CPU usage being about 100% whereas I had not even used any application or any tools. Then I was like... What is going on with my PC? And I felt really very bored and turned off my PC. And now after restarting my PC I see a new search engine which was "My Start Search". Usually when I open my Mozilla I use the "open a new tab" option but this time the home page is set as "mystartsearch". I was like "God!! Did I do it?" No way... and I tried to remove it from the option menu, restarted my system and saw it again over there. Then I shifted to the other browser (Chrome), the same search engine is there. I jumped into Internet Explorer, the same search engine is there. I tried to remove it for more than 3 times or so, but it is still there... and I performed some research on it and found that "MyStartSearch" is literally a malware (Browser Hijacker). And this is when I share my research to the Team Mozilla. This all happened while I updated my Mozilla and now it is literally full of browser hijacking malware in my system that has an ability to fully crash my system too. And one more thing is that while I go to one link the web page is then transported to some other unknown page, sometimes it's the page full of source code, whereas sometimes the link does not get clicked too.

Expected results:

What I expect is the Mozilla team to perform more research on the bug I am reporting and patch the bug immediately and secure the general public's data who use Mozilla and secure the general public from browser hijacking which might result in full system failure as well as web page redirection.

Firefox updates are signed and delivered securely; you did not get infected through the Firefox update. You were most likely already infected. Many times these things install "adware" add-ons like this but new add-ons don't take effect until the browser is restarted. Since the update triggered a Firefox restart that's when you noticed the malware's add-on.

You will need technical support (Mozilla's, or ideally one of the several that deal with malware removal) to clean this up. It can't really be "fixed" as a bug on Firefox's end. (However, we are in the process of adding features to Firefox to make it more resistant to malware.)
Group: core-security
Last Resolved: 3 years ago
Resolution: --- → INVALID