Firefox Hijacked!

I stupidly allowed a browser hijack affect my Firefox. It periodically throws a notification that I need to renew my Macafee subscription. I don't have Macafee. I looked for a new, suspicious extension, but found none. I removed Firefox using sudo apt -remove Firefox and then reinstalled, but that did not clear up the infection. I suspect "leftover" files in some directory or other are at fault, but I'm not sure where to look. There are .mozilla and .firefox directories, as well as files in /etc and elsewhere. Any ideas where I can look?

Purge probably wont clean you home directory. Try deleting .mozilla and .firefox inside ~ and ~./config etc


Thanks. I've gone a few steps further. I installed clamav and will be scanning and running it from now on. I also installed my preferred browser, Brave. It used to be that Brave was unstable on Linux, but it seems to have improved greatly!

I'll probably re-install Firefox after I've thoroughly cleansed my machine, but Brave is going to be my default from now on (unless it breaks).

1 Like