FYI.
A tripwire daemon would catch the changed size of the executables, right?
CP/M - The only way to go.
This is as I predicted here on FR last year (and got thoroughly trashed as being a complete ignoramus). I love Firefox. I'm using it right now, but Mozilla used to benefit from its relative anonymity. Why go after it when you could screw up the day of millions of Windows users?
Well, boys and girls, success has now made Mozilla a target....
Thanks for alerting us.
Another important step is to get the package signatures (MD5, SHA, PGP, etc.) from a different service and compare them to the signature of the downloaded package. Some folks download the source and compile it to produce just the signatures as a public service.
I don't see this mentioned anywhere on the mozilla page, btw. However it's mentioned in the developer side. Other open source binaries (e.g. Apache, OpenOffice, etc) usually are distributed with signatures.
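The out-of-band check described in the post above, as an added example (not code from the thread or from Mozilla): the published hash is taken from a source other than the mirror that served the binary, and the install is refused when the hash of the downloaded file does not match. The file names, the `sha256_of` and `verify_download` helper names, and the sample "installer" bytes are all constructed for the demonstration.

```shell
#!/bin/sh
# Added example: verify a downloaded package against a checksum obtained
# out-of-band, then show the same check rejecting a tampered copy.
set -u

# Hypothetical helper: SHA-256 of a file, portable across sha256sum/shasum.
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# verify_download FILE EXPECTED_SHA256
# Returns 0 when the file's hash equals the published one, 1 otherwise.
verify_download() {
  actual=$(sha256_of "$1")
  if [ "$actual" = "$2" ]; then
    echo "OK: $1"
    return 0
  fi
  echo "MISMATCH: $1 expected=$2 actual=$actual" >&2
  return 1
}

# Demo with constructed data: a clean "installer", then a trojaned mirror copy.
demo() {
  tmp=$(mktemp -d)
  printf 'firefox installer bytes (constructed)\n' > "$tmp/firefox-setup.exe"
  # In practice the published hash comes from the project's own site or a
  # third party that built from source, never from the mirror itself.
  published=$(sha256_of "$tmp/firefox-setup.exe")
  verify_download "$tmp/firefox-setup.exe" "$published"
  # Same file name, different content: what a compromised mirror would serve.
  printf 'firefox installer bytes (constructed) + payload\n' > "$tmp/firefox-setup.exe"
  verify_download "$tmp/firefox-setup.exe" "$published" || echo "refusing to install"
  rm -rf "$tmp"
}

demo
```

Note that a hash alone only proves the file matches whatever published the hash; if the checksum file sits on the same compromised server as the binary, an attacker simply updates both. That is why the post suggests fetching the hash from a second, independent service, or using a PGP signature whose key you already trust.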
Sometimes, it's important to dig a little deeper. In this case, it was not mozilla.org that had the infected binaries, but rather a Mozilla fan site in Korea. This should not need repeating, but it's probably not safe to download programs from arbitrary servers on the Internet.
You can continue to safely download files from mozilla.org
Maybe on Linspire - a Linux for newbies that logs users on as root (like WinderzXP). Not on my Debian box.
GNU Project's FTP Servers Hacked
Things like this happen when you let just anyone view your source code.
Seems to be a recurring problem for these Mozilla guys.
http://www.mozillazine.org/talkback.html?article=6771
Nice blimp.