1 min read

445,000 Mozilla users targeted by malicious add-ons

Radu CRAHMALIUC

October 26, 2021

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
445,000 Mozilla users targeted by malicious add-ons

Mozilla reports it has identified and disabled two malicious Firefox add-ons installed on roughly 455,000 browsers.

The software modules, named Bypass and Bypass XM, first caught the eye of researchers in early June after abusing the proxy API to block Firefox updates.

According to Bleeping Computer, the two browser extensions were likely using a reverse proxy to bypass paywalled sites. However, Mozilla has said they were also intercepting and redirecting web requests to block users from downloading updates, updating remotely configured content, and accessing updated blocklists -- incriminating behavior that violates the company’s rules for add-ons.

Apart from blocking the extensions, Mozilla temporarily paused approval for new add-ons using the proxy API and has urged users to make sure their Firefox version is up to date.

Currently the fourth most-used browser in the world, after Chrome, Safari and Edge, users often see Firefox as a fast and generally safe open-source solution. However, this also makes it a favorite among cyber attackers.

Back in 2020, Mozilla took mass action banning nearly 200 shady Firefox add-ons that were caught executing malicious code or stealing user data. Many of them disguised themselves in sheep’s clothing pretending to be benign utilities likeFromDocToPDF, EasyZipTab or Fake YouTube Downloader.

Additionally, in February 2021, researchers discovered a malicious Firefox Gmail add-on, called FriarFox, that was targeting Tibetan organizations and ilegally accessing their Gmail accounts and browsers.

tags


Author



Right now

Top posts

Abode IoT Security Camera Vulnerabilities Would Let Attackers Insert Images, Bitdefender Finds

Abode IoT Security Camera Vulnerabilities Would Let Attackers Insert Images, Bitdefender Finds

December 21, 2021

2 min read
Online Shoppers Beware, Mobile Scams Are on the Rise

Online Shoppers Beware, Mobile Scams Are on the Rise

December 17, 2021

2 min read
The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Leading Underground Carding Website Closes Shop; Illegal Proceeds Mount to $358 Million Leading Underground Carding Website Closes Shop; Illegal Proceeds Mount to $358 Million
Alina BÎZGĂ

January 17, 2022

1 min read
Scammers Use Fake COVID-19 Test Websites to Steal Your Personal Info, BBB Warns Scammers Use Fake COVID-19 Test Websites to Steal Your Personal Info, BBB Warns
Alina BÎZGĂ

January 17, 2022

2 min read
Critical Vulnerability in 3 WordPress Plugins Impacts 84,000 Websites Critical Vulnerability in 3 WordPress Plugins Impacts 84,000 Websites
Vlad CONSTANTINESCU

January 17, 2022

1 min read