Site   Web

May 1, 2013

Fake Firefox Spyware Raises Mozilla’s Ire

British Company Accused of Using Browser's Trademark

Mozilla is on the warpath.

The maker of one of the most-used browsers on the Internet is accusing British company Gamma International Ltd. of producing commercial spyware that masquerades as Firefox.

Mozilla has sent Gamma a cease and desist letter to demand “these illegal practices stop immediately,” Alex Fowler, head of privacy and public policy for Mozilla, said in a blog post.

The issue came to light after a report issued by The University of Toronto’s Citizen Lab alleged that Finfisher, also known as FinSpy, is posing as an update to Firefox on PCs.

Finfisher is a surveillance software thought to be used by a number of govenments, including the U.S. and the U.K.

“Through the work of the Citizen Lab research team, we believe Gamma’s spyware tries to give users the false impression that, as a program installed on their computer or mobile device, it’s related to Mozilla and Firefox, and is thus trustworthy both technically and in its content,” Fowler said.

Fowler said Finfisher is able to trick Firefox users in two ways: by misrepresenting its program as “Firefox.exe” and using an identical assembly manifest from Firefox software.

“As an open source project trusted by hundreds of millions of people around the world, defending Mozilla’s trademarks from this type of abuse is vital to our brand, our users and the continued success of our mission,” Fowler said.

The spyware does not affect Firefox “either during the installation process or when it is operating covertly on a person’s computer or mobile device,” Fowler said, adding the Finfisher software remains separate, only using Firefox trademarks to “lie and mislead as one of its methods for avoiding detection and deletion.”