Nearly 200 malicious add-ons detected in Firefox, now removed
What's the story
Mozilla has been trying to make privacy its calling card to get people to ditch Google for Firefox. The browser packs an enhanced set of security features, but as it turns out, it carries its own set of problems. Case in point: A batch of nearly 200 malicious add-ons that were recently found thriving on Firefox before being blocked. Here's all about it.
Issue
Add-ons executing malicious code, stealing data
During a recent analysis, Mozilla's add-on review team found as many as 197 add-ons executing malicious code on people's browsers and stealing their data. The extensions were caught using obfuscation techniques to hide their source code and remain undetected from users. However, when the team found spotted them, they took action against the entire batch.
Names
Most shady add-ons came from one developer - 2Ring
Per Mozilla, 135 add-ons came from B2B software provider 2Ring and another developer named Tamo Junto Caixa. They all were caught downloading and executing code from a remote server, which went against Mozilla's policy that requires add-ons to self-contain their code. Meanwhile, the rest of the add-ons were flagged for being fake premium products, collecting user data, or displaying malicious behavior to varying degrees.
Information
Exact names not revealed
Though Mozilla didn't reveal the exact names of the malicious add-ons (to give their developers an opportunity to fix their mistakes), a report from ZDNet did name some. These were Fake Youtube Downloader, FromDocToPDF, WeatherPool and Your Social, Pdfviewer - tools, RoliTrade, and Rolimons Plus.
Action
Either way, they all have been removed for good
Having said that, Mozilla claims all the add-ons in question have been blocked and removed from the Mozilla Add-on portal to keep users from installing them. The corporation further emphasized that the programs have also been disabled in the browsers of people who already installed them or were using them regularly. So, if you unknowingly had a malicious Firefox add-on, it is probably gone.
Prevention
How to dodge malicious add-ons in the future
In order to shield yourself from malicious add-ons, we'd recommend being careful and checking user reviews before installing them on your browser. The rule applies to both Chrome and Firefox, and, as an additional layer of security, you can also go for a recognized anti-virus product so that it can handle malware in case something goes wrong and a malicious extension is installed.