Mozilla has sent a cease-and-desist letter to Gamma International, which has been disguising commercial malware as Mozilla’s Firefox web browser. Gamma’s software uses Mozilla’s trademarks and brand to mislead consumers into thinking its product is affiliated with the company. In the properties of the fake Firefox browser, all of the information, including the version number, copyright, trademark claims, and more, is exactly the same as in the genuine Firefox browser.
Mozilla was alerted to Gamma’s illegal activities by a group known as the Citizen Lab. The group discovered that the spyware posing as Mozilla Firefox is called either FinSpy or FinFisher, and that it was sold to various governments for use in criminal investigations. FinSpy has command-and-control servers in 36 countries, including the United States, Canada, Japan, and the UK.
Gamma’s fake Firefox was used in a variety of harmful and deceitful ways. The Citizen Lab provided 3 examples of how it was used: a spyware attack in Bahrain against pro-democracy activists; an attempt to trick people in Malaysia by posing as a document that discusses Malaysia’s upcoming General Elections; and demonstrations in promotional videos and brochures by Gamma itself.
Luckily for Firefox users, Mozilla assures everyone that the spyware does not infect the real Firefox. Unluckily for Mozilla, this isn’t the first time its product has been misused for malicious purposes. Back in 2010, there were nearly 200 sites deceitfully using Mozilla’s brands for illegal activities, including distributing malware or requiring users to pay for the sites’ service. Mozilla developer Asa Dotzler’s statement back then still holds today: “If you’re being asked to pay for Firefox, it’s a scam.” Also, always make sure that you download Firefox straight from Mozilla, and not from some sketchy site.