What was it that MBG blocked?

[nukecad]

Firefox v113.0, MBG v2.5.9, Win 10 22H2 build 19045.2965

The statistics show that 2 malwares were blocked yesterday, but how do I get more details of just what was blocked and on what website(s)?

I had no onscreen warnings.
But I do have an idea that it may have been a cryxos trojan. (Tech Support Scam popup page).

A few days ago, on the 6th & 7th, some users on a vBulletin based forum I visit reported that their AV's were warning/blocking access to the forum.
For one user Bitdefender reported "Threat name: JS:Trojan.Cryxos.12456", and one user reported that his MBG threw a 'malicious activity' warning screen when visiting the forum (but didn't specify what).

Although not too concerning unless they actually phoned the number, I pointed them to the malware removal here if they wanted to get their machines checked over for malware.

[Porthos]

3 minutes ago, nukecad said:

but how do I get more details of just what was blocked and on what website(s)?

You will have to sift through the log.

[nukecad]

Thanks @Porthos

Downloaded and taking a look now.

EDIT- Unfortunately the log only has entries from today (my current session).

EDIT2- Closing and reopening Firefox shows that the MBG debug log that I can download only contains the information for the current session.

Oh well, it wasn't that important anyway, at least not this time.
But I'd have thought that at least one previous session would be more use than just the current one.
If your Firefox had crashed then you may well want to look at the log for the session that had just crashed, but as soon as you open a new session to get to the MBG log download ........

Edited May 11 by nukecad

[gatortail]

@nukecad there is a new notification included in the just released V2.6.2.  If we blocked a mailicious element inside an otherwise safe website we blocked the mailicious item and allowed things to proceed.  A credit card skimmer is one example.  This happened silently unless you happened to open the BG UI while visiting the site in question.  If a site was deemed entirely malicious we'd throw a block page.  Now you will receive a 5 second notification alerting you when a malicious element has been blocked.  Here's an example:

[Porthos]

21 minutes ago, gatortail said:

there is a new notification included in the just released V2.6.2

I was wondering why 2.6.2 took so long to get to Firefox.

[gatortail]

We are at the mercy of the store review/approval process.

[nukecad]

@gatortail sounds a good addition to me.

(Although I do wonder if you'll now get start to get complaints about too many such popups? Some users can be strange at times with what they choose to moan about).

[gatortail]

@nukecad We decided on the pop up route rather than delivering our traditional block page.  The pop up should only show up when a malicious script is encountered.

The fear is that without the pop up you could unknowingly share the site with family & friends that may not be using BG.  In that case they become compromised.  This at least brings attention to the malware.

Regarding the complainers about popup notifications, we will had a setting to bypass it in the next release but I HIGHLY recommend it not be turned off for the reason above.