Mozilla Warns of Fake Thunderbird Downloads Delivering Ransomware

Mozilla has issued a warning about malicious websites offering downloads of Thunderbird, after it was discovered that a ransomware group was using this method to deliver malware. The group, known as Snatch, has been disguising its malware as popular applications such as Adobe Reader, Discord, Microsoft Teams, and Thunderbird. Mozilla is actively trying to take down these malicious websites, but it is difficult due to their location in Russia. Thunderbird, although having a small market share, is still used by a significant number of individuals and organizations who could be targeted by Snatch ransomware. The US government has also issued an alert about Snatch ransomware attacks.