• Off-Topic
  • Possible Phishing Attack This Morning

related? on xfce my firefox launches on boot. I haven't set this or added this in xfce autostart. and I can't find a firefox setting for this. it's driving me crazy. I may remove my own xfce firefox and reinstall.

appreciate your PSA.

I don't think removing Firefox was necessary, was Firefox (and system) up-to-date?

    WetGeek
    after deinstallation firefox:
    did you also manually delete the /.mozilla-directories in your home-directory and in /.cache ?
    because these remain even after deinstallation.
    so just in case - to be sure - you can delete them.

    right now i am also thinking about the question how i could check if my machines might have some malware on the Master Boot Record, or whereever. but i have no idea how i could manage that...

    WetGeek Along those lines I got two file managers I have one program dont remb
    what it is at moment but it launches the alternate file manager everything else uses the default.
    Not sure why that is never really looked into it.
    So for some reason it happens.

    Solarmass I don't think removing Firefox was necessary,

    Since I don't use Firefox, it was an easy decision, whether necessary or not. Things didn't start to go bad until I clicked on a normal-looking link to an article in a email from a news source I work with every morning. I don't have any idea where the exploit came from, or at what point it entered my system. Need I say, this all happened very fast?

    It's possible that the email was compromised before it got to me, but I consider that unlikely. It's possible that recent updates of Thunderbird or Firefox were infected - something I consider HIGHLY unlikely. But since I don't know how my system got infected, I just know that it DID, somehow.

    If I'd known to be more careful than usual when I clicked the link in the email that launched the browser, I might have avoided all this. That's why I posted this message. By knowing what happened to me, someone else might be able to figure out what happened before it happens to them. I wish I had more clues to offer.

    If you think that the system is affected somehow, maybe just reinstall it to be sure 🤷

      It would be good measure to change passwords on your email accounts too. Typically a good move to make after any unwanted activity.

      this is the rare instance I would install CLamAv from flatpak and run it. There will be a ton of false positives.
      Of 1000 warnings I got. Libre office suite threw about 990 of them (normal I'm told), and the other 10 were PUP's...

      be interesting to see what they flag.

      This disgusting behavior you had to tolerate....I haven't see that since Windows days.

        Solarmass maybe just reinstall it to be sure

        I just finished doing that. Mostly configured now. I'm writing this post using it.

        brent I would install CLamAv from flatpak and run it

        Oh ... too late. I already nuked it and reinstalled. Mostly finished with that now.

          WetGeek nice. I would've burned it to the ground to be sure, too. Now you gotta spend a day getting the XFCE where you had it but at least you don't have to worry.

            brent Now you gotta spend a day getting the XFCE where you had

            Not quite that long, thankfully. It's done now.