Mozilla discovered that the Thunderbird email client began to be distributed on various third-party sites with malware compiled into it.
Ads appeared on the Google advertising network offering to install “ready-made builds” of the client. After installing such a build, it begins to collect confidential information about the user and sends it to the scammers’ servers, and then users receive a letter asking them to pay to maintain confidentiality.
The developers recommend not installing software from dubious sources, but using the distribution repositories, the official website or Snap and Flatpak packages.
Similar builds of Discord, Microsoft Teams and Adobe Reader have also been spotted.
Source: linux.org.ru
