445,000 Mozilla users targeted by malicious add-ons
Mozilla reports it has identified and disabled two malicious Firefox add-ons installed on roughly 455,000 browsers.
The software modules, named Bypass and Bypass XM, first caught the eye of researchers in early June after abusing the proxy API to block Firefox updates.
According to Bleeping Computer, the two browser extensions were likely using a reverse proxy to bypass paywalled sites. However, Mozilla has said they were also intercepting and redirecting web requests to block users from downloading updates, updating remotely configured content, and accessing updated blocklists -- incriminating behavior that violates the company’s rules for add-ons.
Apart from blocking the extensions, Mozilla temporarily paused approval for new add-ons using the proxy API and has urged users to make sure their Firefox version is up to date.
Currently the fourth most-used browser in the world, after Chrome, Safari and Edge, users often see Firefox as a fast and generally safe open-source solution. However, this also makes it a favorite among cyber attackers.
Back in 2020, Mozilla took mass action banning nearly 200 shady Firefox add-ons that were caught executing malicious code or stealing user data. Many of them disguised themselves in sheep’s clothing pretending to be benign utilities likeFromDocToPDF, EasyZipTab or Fake YouTube Downloader.
Additionally, in February 2021, researchers discovered a malicious Firefox Gmail add-on, called FriarFox, that was targeting Tibetan organizations and ilegally accessing their Gmail accounts and browsers.
Abode IoT Security Camera Vulnerabilities Would Let Attackers Insert Images, Bitdefender Finds
December 21, 2021
Online Shoppers Beware, Mobile Scams Are on the Rise
December 17, 2021
The Holiday Guide to Tech Support: Fixing the Family Computer
November 24, 2021
Bitdefender Celebrates 20 Years of Cybersecurity Leadership
November 04, 2021
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords
October 26, 2021
What are drive-by download attacks and how do you prevent them?
October 25, 2021