Superfish Malware

Recently, I have noticed that the NoScript add-on on my Firefox has been blocking some site called superfish.com on every page that I look at, including my own site – which has NO external links.  Something smells like rotten fish here, and I can’t stand that smell!  A bit of research shows that it is a shopping/price comparison service or some such. (I refused look at their homepage.)  Well, there’s another word for anything that wants to surreptitiously run script without my prior knowledge – it’s mal-FUCKING-ware.

So here’s how they get it on your machine.  You know all those great free add-ons and extensions for Firefox?  Well, apparently some of them aren’t making enough money from donations and have decided to get in bed with the blood sucking malware scum bags.  For a bit a cash, they put the malware code in their add-ons, and BOOM – there ya go.  I was in-fucked-ed by YouTube MP3 Podcaster.  No notification, no option to opt-out, nothing.

So, what do ya do?  Well, first and foremost, always run NoScript or some similar script blocking tool.  It gives you a good idea of what sites are doing when you are looking at them.  Once you are soiled by the greedy scum, disable any suspicious add-ons one at a time, restarting Firefox each time to make sure the unwanted script isn’t being run.  Then you can remove the guilty party when you find it.

Apparently just removing the add-on/extension gets rid of the problem, but it may depend on the malware in question.  In my case, disabling it has removed the unwanted script so I will go ahead and just remove it all together.

I’d like to find a list of all the add-ons that incorporate this kind of crap in their coding without giving the user a heads-up or the option to upgrade to a clean version with a donation.  If you know of any others, leave a comment, maybe I’ll get that list going here.