Ransomware

Mozilla Warns of Fake Thunderbird Downloads Delivering Ransomware

Mozilla issues warning over fake Thunderbird downloads after a ransomware group was caught using this technique to deliver malware.

Eduard Kovacs

October 4, 2023

Mozilla issued a warning this week over malicious websites offering Thunderbird downloads after a ransomware group was caught using this technique to deliver malware.

Cybersecurity journalist Brian Krebs reported last week that a website where the Snatch ransomware group names victims had been leaking data, including visitor IPs and information on internal operations.

According to Krebs, the leaked data suggests that the Snatch cybercrime group has been using paid Google ads to deliver its malware disguised as popular applications such as Adobe Reader, Discord, Microsoft Teams, and Mozilla Thunderbird.

Following Krebs’ findings, Mozilla issued a ‘ransomware alert’ this week, advising users to only download Thunderbird from trusted websites.

Mozilla noted that it’s actively trying to take down malicious websites offering Thunderbird, but they are hosted in Russia, which makes takedowns “difficult and often not effective”.

Thunderbird has a market share of less than one percent in the email client category. However, that still translates to a significant number of individuals and organizations, which could be targeted by the Snatch ransomware.

The US government issued an alert recently, warning critical infrastructure organizations of ongoing Snatch ransomware attacks.

Advertisement. Scroll to continue reading.

Written By Eduard Kovacs

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Latest News

Click to comment

Virtual Event: Cyber AI & Automation Summit

Wednesday, December 6, 2023

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.

Virtual Event: Cyber Insurance & Liability Summit

Wednesday, January 17, 2024

As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.

Humans Are Notoriously Bad at Assessing Risk

When too much subjectivity is mixed into risk assessment, it can produce a risk picture that is not an accurate representation of reality. (Joshua Goldfarb)

5 Steps to Assessing Risk Profiles of Third-Party SSE Platforms

It's crucial to thoroughly assess the risk profiles of various SSE platforms and weigh their suitability against their organization's risk tolerance before adopting SSE. (Etay Maor)

Threat Intel: To Share or Not to Share is Not the Question

To share or not to share threat intelligence isn’t the question. It’s how to share, what to share, where and with whom. (Marc Solomon)

Addressing the State of AI’s Impact on Cyber Disinformation/Misinformation

By embracing a strategy that combines technological advancements with critical thinking skills, collaboration, and a culture of continuous learning, organizations can safeguard against AI's disruptive effects. (Rik Ferguson)

Offense Intended: How Adversarial Emulation Went From State Secret To Board Bullet Point

Offensive Security does not focus on discreet attacks, singular actors, or Indicators of compromise, but understands the entirety of both sides of the battlefield. (Tom Eston)