Not the real Firefox 7 website - be wary of Google's search results

Filed Under: Featured, Firefox, Google, Malware, Spam

If you're keen to download Firefox 7, please make sure that you download it from the correct website.

When I did a Google for "Firefox 7" this morning, look at the second result I received:

Google search result for Firefox 7

The site is called firefox7.org. So what do you see if you visit the firefox7.org website?

Not the real Firefox 7 website

You'll find some promotional puff about Firefox 7, followed by download links residing on a Blogspot page called "mozillas".

As you may have guessed by now, Firefox7.org isn't run by Mozilla.

Instead it was created earlier this year by a Chinese chap called Xiaojuan Zhang. At least, that's what the site's registration information says:

Domain Name:FIREFOX7.ORG
Created On:22-May-2011 02:11:29 UTC
Last Updated On:28-Aug-2011 10:51:34 UTC
Expiration Date:22-May-2012 02:11:29 UTC
Sponsoring Registrar:GoDaddy.com, Inc. (R91-LROR)
Status:CLIENT DELETE PROHIBITED
Status:CLIENT RENEW PROHIBITED
Status:CLIENT TRANSFER PROHIBITED
Status:CLIENT UPDATE PROHIBITED
Registrant ID:CR83647748
Registrant Name:Xiaojuan Zhang
Registrant Street1:1209 B BlockZhongshen Garden
Registrant Street2:Futian
Registrant Street3:
Registrant City:Shenzhen
Registrant State/Province:Guandong
Registrant Postal Code:518033
Registrant Country:CN

Also included are Xiaojuan Zhang's email address and phone number.

Quite why this webpage was created is unclear.

Is Xiaojuan Zhang a fervernt fan of Firefox? If so, why not link to the proper download page rather than to a bunch of links hosted on Blogspot?

Is Xiaojuan Zhang trying to spread malware? We hope not, and we haven't seen any malicious links on his webpages yet. But obviously the site could be updated at any time.

Is Xiaojuan Zhang attempting to make money from interest in Firefox 7? That certainly seems likely. Some of his webpages contain Google Adwords, which presumably he is hoping will earn him some revenue - especially considering how high his site is appearing in Google Search results at the moment.

Whatever the intentions of the person behind this website, it seems pretty silly for Mozilla not to have registered this domain to avoid this kind of thing from happening, considering how quickly they are getting through version numbers these days.

If you're planning to download Firefox 7, make sure that you get it from the authorised download site, rather than a third party who may have unclear motives.

, , , , ,

You might like

10 Responses to Not the real Firefox 7 website - be wary of Google's search results

  1. Luckily the file he linked to is the real Firefox installer. It could very well link to a trojan horse or any malicious files.

  2. Sean Sullivan · 1128 days ago

    Graham,

    Your post seems a bit unclear to me as to what one will get if downloading “from” mozillas.blogspot.com… so I clicked through to the actual download links, and they are using the official host: http://download.mozilla.org.

    It is of course excellent advice to suggest that folks seek out the official site in the first place, but you should have been more clear about this particular case.

    To me, it seems more silly that Google would actually rank this result… but then again… it does link to a BLOGSPOT blog, no?

    Hmm… wasn't Google management just in front of the US Congress claiming that they didn't give their own stuff preferential treatment in search results?

    • Thanks for clarifying Sean!

      Yes, we haven't seen anything dodgy linked to by this guy's site - but of course that could change at any time.

      At the moment, my guess is that he's doing this for advertising money rather than malware.

      Still a good lesson for all.

  3. Loqqy Free · 1128 days ago

    Noticed exact same link to FF 7 download and it is a nuisance for those trying to download from Mozilla. Wish Google would zap these opportunistic sites to the bottom of their search results.

  4. Mark · 1127 days ago

    At the rate Mozilla is increasing version numbers they're going to have to register domain names for every TLD from Firefox8 to Firefox100. That could end up pretty expensive! :-)

    • arahman21 · 1127 days ago

      At least he didn't go for Chrome. As soon as he had done registering for Chrome 13, Chrome 14 would have been out.

  5. He also own http://www.mozilas.com/ (NOT real Mozilla website). Also, Firefox is offering affeliate points if someone downloads Firefox via the affeliate's link. Perhaps the site is doing that?

  6. Van · 1126 days ago

    There's also another website http://www.getfirefox7.com.. when you type "firefox" it's no. 3 on the list.. is it also an illegitimate website?

    • Chester Wisniewski · 1125 days ago

      It is a domain parked page with advertising. It is clean right now, but won't necessarily stay that way.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.