Firefox blocks malicious add-ons installed by half a million users

What happened now? Mozilla’s security blog announced this week that it had discovered that some add-ons were acting in a malicious manner and decided to block them. The company estimates that this could affect about 455,000 users. The security blog mentions two specific additions without detailing what they do.

Mozilla said Monday that it had discovered some Firefox extensions last June. abuse its a proxy API. It claims to have prevented nearly half a million users who installed these add-ons from downloading updates, accessing updated blacklists, and updating remotely configured content.

Mozilla not only blocked the installation of these add-ons for more Firefox users, but also suspended approval of extensions that use the proxy API. Starting with version 91.1, Firefox also started making important requests, such as downloading updates, over a direct connection when the proxy connection failed. Mozilla also released a system add-on called “Proxy Failover” (ID: [email protected]) to further mitigate this issue.

In its instructions for checking and removing add-ons, Firefox refers to the two add-ons as “Bypass” and “Bypass XM,” but does not detail what the extensions do. The Malwarebytes Labs security blog notes that the creators touted the add-ons as ways to detour restrictions on paid access on websites.

Mozilla advises that Firefox users trying to check if these add-ons are installed in their browsers should click the menu button and navigate to Help> Additional Troubleshooting Information. Then scroll down to “Add-ons”. In this section, find the names “Bypass” (ID: {7c3a8b88-4dc9-4487-b7f9-736b5f38b957}) and “Bypass XM” (ID: {d61552ef-e2a6-4fb5-bf67-8990f0014957}). If you find these add-ons listed, you should disable or uninstall them in the Add-ons and Themes section of the Firefox menu.

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button