Mozilla banned hundreds of malicious Firefox add-ons over the last weeks

January 27, 2020  By Pierluigi Paganini


Mozilla is intensifying the efforts to protect its users, in the last couple of weeks, the security staff has banned 200 malicious Firefox add-ons.

Over the past two weeks, Mozilla has reviewed and banned 197 Firefox add-ons because they were executing malicious code. The malicious Firefox add-ons were found stealing user data and for this reason, they were removed from the Mozilla Add-on (AMO) portal.

Mozilla also disabled the malicious add-ons in the browsers of the users who have already installed them.

The apps were using obfuscation to hide their source code and were downloading and executing code from a remote server, a behavior that violates the policy of the portal. Downloading code from a remote server could allow threat actors to execute malicious code within the browser once it will be dynamically downloaded from a server under their control.

Mozilla banned 14 Firefox add-ons ([1], [2]. [3]) because they were using obfuscated code and potentially hiding malicious code.

Most of the banned apps have been developed by 2Ring, a provider of B2B software.

Mozilla banned for the same reason six Firefox add-ons developed by Tamo Junto Caixa, and three add-ons that were fake premium products.

Mozilla also banned an unnamed add-onWeatherPool and Your SocialPdfviewer – toolsRoliTrade, and Rolimons Plus for collecting user data without consent.

The organization also banned for malicious behavior other 30 add-ons.

Firefox also reported the case of an add-on named Fake Youtube Downloader was spotted attempting to install a malware in users’ browsers.

Mozilla also banned Firefox Add-ons like EasySearch for Firefox, EasyZipTab, ConvertToPDF, and FlixTab Search were for intercepting and collecting user search terms, a behavior that violates the rules.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Mozilla, Firefox)

[adrotate banner=”5″]

[adrotate banner=”13″]



Pierluigi Paganini
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.





You might also like





  • Digging the Deep Web: Exploring the dark side of the web

    Digging The Deep Web

  • Center for Cyber Security and International Relations Studies

  • Subscribe Security Affairs Newsletter

    newsletter

  • SecurityAffairs awarded as Best European Cybersecurity Tech Blog at European Cybersecurity Blogger Awards

    EU Sec Bloggers Awards 22


More Story

A new piece of Ryuk Stealer targets government, military and finance sectors

 A new piece of the Ryuk malware has been improved to steal confidential files related to the military, government, financial...