1 min read

445,000 Mozilla users targeted by malicious add-ons

Radu CRAHMALIUC

October 26, 2021

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
445,000 Mozilla users targeted by malicious add-ons

Mozilla reports it has identified and disabled two malicious Firefox add-ons installed on roughly 455,000 browsers.

The software modules, named Bypass and Bypass XM, first caught the eye of researchers in early June after abusing the proxy API to block Firefox updates.

According to Bleeping Computer, the two browser extensions were likely using a reverse proxy to bypass paywalled sites. However, Mozilla has said they were also intercepting and redirecting web requests to block users from downloading updates, updating remotely configured content, and accessing updated blocklists -- incriminating behavior that violates the company’s rules for add-ons.

Apart from blocking the extensions, Mozilla temporarily paused approval for new add-ons using the proxy API and has urged users to make sure their Firefox version is up to date.

Currently the fourth most-used browser in the world, after Chrome, Safari and Edge, users often see Firefox as a fast and generally safe open-source solution. However, this also makes it a favorite among cyber attackers.

Back in 2020, Mozilla took mass action banning nearly 200 shady Firefox add-ons that were caught executing malicious code or stealing user data. Many of them disguised themselves in sheep’s clothing pretending to be benign utilities likeFromDocToPDF, EasyZipTab or Fake YouTube Downloader.

Additionally, in February 2021, researchers discovered a malicious Firefox Gmail add-on, called FriarFox, that was targeting Tibetan organizations and ilegally accessing their Gmail accounts and browsers.

tags


Author



Right now

Top posts

The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

October 22, 2021

2 min read
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

October 20, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

UK Cabinet Office Fined £500,000 over New Year Honours List Data Breach UK Cabinet Office Fined £500,000 over New Year Honours List Data Breach
Alina BÎZGĂ

December 03, 2021

2 min read
Europol Operation Cracks Down on International Money Mule Schemes Europol Operation Cracks Down on International Money Mule Schemes
Alina BÎZGĂ

December 02, 2021

2 min read
Twitter Prohibits Users from Sharing Individuals’ Private Photos or Videos without Consent Twitter Prohibits Users from Sharing Individuals’ Private Photos or Videos without Consent
Alina BÎZGĂ

December 02, 2021

2 min read