There has been a data breach on the (convenience) archive server where an attempt was made to sabotage our project by infecting all archived Pale Moon executables present on the server at the time of the breach with malware.
The archive server has been shut down until a secure alternative is available.
Most of the versions of Pale Moon come with accompanying .sig files (pgp signatures) which you can use to verify that the files are not tampered with or changed in any way.
Apart from the period where code-signing was not used due to unavailability at reasonable cost for Open Source development, binaries have also been code-signed; which can be checked through a right-click -> properties -> tab "Digital Signatures". If this tab is missing, then the binary is either not signed or has been modified from its original.
Later versions of the archived executables also come with a SHA256 has in the accompanying file "hashes.txt". You can verify the integrity that way, too.
That kind of stuff is there for a reason, so should not be dismissed, ignored - simply because you're getting your download from a "trusted" source.
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows NT 5.1; rv:52.0) Gecko/20100101 SeaMonkey/2.49.5
According to the VirusTotal link, ClamAV doesn't detect this malware
Is there a signature I can add to ClamAV that would catch it? I have a couple old Pale Moon binaries which I don't remember where I got them, I don't think it was archive.palemoon.org but I'm not 100% sure, so I'd like to check to make sure they were not infected by this breach.
*Always* check the changelogs BEFORE updating that important software!
(While archive.palemoon.org is down, & .sig & "Digital Signatures" methods aside), do you have a listing of known good hashes that you could post so others questioning the validity of files they may have on hand can check against?
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows NT 5.1; rv:52.0) Gecko/20100101 SeaMonkey/2.49.5