Mozilla/4.08 (Charon; Inferno)
User agent Mozilla/4.08 (Charon; Inferno), is usually associated with the Lokibot attack.
However, when seeing this version connecting to supposed "legitimate" locations seems to be harmless.
I have seen a comment that "Mozilla Firefox versions follow a specific numbering convention, and any version starting with "4.08" would be highly suspicious and likely not an official release. The official Mozilla Firefox versions during that time would have been in the range of 1.x, 2.x, 3.x, 5.x, 6.x, and so on."
Could you please confirm if this mozilla version is verified and secure?
Alle antwoorden (1)
There was the Firefox 4.0 and 4.0.1 Releases https://www.mozilla.org/firefox/releases/ however there was never a 4.08 version whether as Firefox or the old Mozilla suite as the last version was 1.7.13 Released a long time ago and then the suite continued as SeaMonkey by the community.
Also the version format of 4.08 is incorrect for a Firefox version as it would be say 4.8 or 4.0.8 if they existed.
Also web browser useragents start with Mozilla/5.0 however in modern browsers, this is only used for historical reasons. It has no real meaning anymore