Mozilla blocks Firefox add-ons installed over 455,000 times

Mozilla developers blocked two malicious Firefox add-ons, which were installed approximately 455,000 times. It was discovered that they were abusing the proxy API and blocking browser updates.

Organization representatives report that Bypass (ID: 7c3a8b88-4dc9-4487-b7f9-736b5f38b957) and Bypass XM (ID: d61552ef-e2a6-4fb5-bf67-8990f0014957) add-ons used APIs to intercept and redirect requests, thereby blocking downloads updates of remotely configured content and access to updated blacklists.

While Mozilla did not reveal what other malicious activity the add-ons were doing in the background, Bleeping Computer writes that they probably used a reverse proxy to bypass paywalls on various sites.

Also, both add-ons put the Mozilla domain on the paid access lists, which leads to the unintentional blocking of browser updates.

To prevent additional users from being exposed to new add-ons that abuse the proxy API, we have suspended approvals for add-ons that use the proxy API until the fixes are available to everyone.the developers said.

Also in the post, Mozilla emphasizes that, starting with Firefox 91.1, the browser can fall back to direct connections if it makes an important request through a proxy (for example, a request for updates) and the attempt fails.

Ensuring that these requests are successfully fulfilled helps us deliver the latest critical updates and protections to our users.says the company's engineers.

In addition, Mozilla has now deployed a hidden Proxy Failover system addon in its browser (it cannot be disabled and it updates without restarting). The new add-on is designed to prevent attempts to tamper with the update mechanisms in the current and older versions of Firefox.

Users who have previously installed problematic addons are strongly advised to remove them by going to the add-ons section.

If you’re not running Firefox 93 and have not disabled browser updates, you could be impacted by this issue. To make sure, try to update Firefox to the latest versions since it bundles an updated blocklist designed to disable these malicious add-ons automatically.also advise Mozilla representatives.

Let me remind you that we also wrote that Firefox bug allowed stealing cookies from Android devices.

User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back to top button