Firefox blocks malicious add-ons installed by half a million users

What simply occurred? Mozilla’s safety weblog introduced this week that it found some add-ons have been appearing maliciously and that it determined to dam them. The corporate estimates some 455,000 customers is likely to be affected. The safety weblog mentions two particular add-ons with out detailing what they do.

On Monday, Mozilla stated it found final June that some Firefox extensions have been misusing its proxy API. It claims it prevented almost half 1,000,000 customers who put in these add-ons from downloading updates, accessing up to date blocklists, and updating remotely-configured content material.

Not solely has Mozilla blocked extra Firefox customers from putting in these add-ons, nevertheless it has additionally paused approvals for extensions that use the proxy API. Beginning with model 91.1, Firefox additionally began making vital requests, similar to downloading updates, by way of a direct connection each time a proxy connection fails. Mozilla additionally launched a system add-on referred to as “Proxy Failover” (ID: to mitigate this drawback additional.

In its directions for checking for and eradicating the add-ons, Firefox names two add-ons referred to as “Bypass” and “Bypass XM” however doesn’t element what the extensions do. A Malwarebytes Labs safety weblog notes that the creators marketed the add-ons as methods to bypass paywall restrictions on web sites.

Mozilla says that Firefox customers making an attempt to examine and see if these add-ons are put in on their browsers ought to click on on the menu button and go to Assist > Extra Troubleshooting Info. Then scroll right down to “Add-ons.” In that part, seek for the names “Bypass” (ID: {7c3a8b88-4dc9-4487-b7f9-736b5f38b957}) and “Bypass XM” (ID: {d61552ef-e2a6-4fb5-bf67-8990f0014957}). Should you discover these add-ons within the record, it’s best to disable or take away them from the “Add-ons and themes” part of the Firefox menu.

Be the first to comment

Leave a Reply

Your email address will not be published.