Mozilla removes almost 200 dodgy Firefox add-ons
Mozilla’s security staff has identified 197 Firefox addons that were found to be stealing user data or executing malicious codes.
As part of a security drive, Mozilla administrators identified multiple addons with hidden features, along with a number that were deemed unsafe for user privacy and security.
The affected extensions have now been deleted from the Firefox portal and also disabled in the browsers of users who already have them installed.
Blocked
In the exercise, Mozilla discovered that 129 add-ons from a B2B software provider 2Ring and 6 from Tamo Junto Caixa were executing an unknown remote code. Add-ons like WeatherPool and Your Social, Pdfviewer – tools, RoliTrade, and Rolimons Plus were banned for collecting user data without consent. The team also banned close to 30 add-ons found to be running malicious data.
Among the other add-ons which were blocked are EasySearch for Firefox, EasyZipTab, FlixTab, ConvertToPDF, and FlixTab Search and a handful of others which were found to be collecting critical user data like search terms. Add-ons like Fake Youtube Downloader and FromDocToPDF were found either loading remote content on the browser page or were looking to install malware apps.
Mozilla’s Add-on policies call out the need of an explicit user consent before collecting any data. It also states that add-ons need to be self-constrained and remote code execution is not allowed. Any non-compliance of the policies warrants a decommission – although developers do have a right to set an appeal to reconsider the ban.
Via ZDNet
Mozilla’s security staff has identified 197 Firefox addons that were found to be stealing user data or executing malicious codes. As part of a security drive, Mozilla administrators identified multiple addons with hidden features, along with a number that were deemed unsafe for user privacy and security. The affected extensions…
Recent Posts
- Firefox 126 is out – and it’ll make a huge difference to the quality of videos in the browser, for those with the right hardware
- Google adds Max, Peacock, and Angry Birds to cars with native Android software
- Could ChromeOS eventually run on your Android phone? Google’s demo of exactly that is an exciting hint for the future
- Uber announces its new, worse version of a bus
- iPhone owners say the latest iOS update is resurfacing deleted nudes
Archives
- May 2024
- April 2024
- March 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023
- June 2023
- May 2023
- April 2023
- March 2023
- February 2023
- January 2023
- December 2022
- November 2022
- October 2022
- September 2022
- August 2022
- July 2022
- June 2022
- May 2022
- April 2022
- March 2022
- February 2022
- January 2022
- December 2021
- November 2021
- October 2021
- September 2021
- August 2021
- July 2021
- June 2021
- May 2021
- April 2021
- March 2021
- February 2021
- January 2021
- December 2020
- November 2020
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- February 2020
- January 2020
- December 2019
- November 2019
- December 2011