If you swear by Mozilla’s popular Firefox browser, you might want to take a closer look at the browser extensions you’ve installed recently. Mozilla states They discovered a group of malicious Firefox add-ons that harm users.
According to Mozilla, a total of 455,000 users have installed malicious add-ons. The company says it has now blocked add-ons to avoid further installs.
The browser extensions in question work by abusing the so-called API proxy, a programming interface used to control how Firefox connects to the Internet.
“These add-ons interfere with Firefox in a way that prevents users who have them installed from downloading updates, accessing updated block lists, and updating configured content remotely,” Mozilla wrote.
To prevent additional users from being affected by new browser extensions that abuse the Proxy API, Mozilla has paused approvals for extensions that use this API until fixes are available to all users, the blog explains.
The company could otherwise report that it has introduced an update that changes the way the browser handles requests. Starting with version 91.1, the browser will return to direct connections every time Firefox makes an important request, such as updates, via a non-working proxy configuration.
It is important to be up to date
“Ensuring that these requests are completed correctly helps us provide the latest critical updates and security measures to users,” Mozilla wrote.
The company recommends that you make sure you have the latest version of Firefox, which is currently Firefox 93 or Enterprise Edition Firefox ESR 91.2 (Extended Support Release). According to Mozilla, if you are not running the latest version and you have not manually disabled updates, you should check if you are affected by the problem.
Instructions on how to search for problematic plugins can be found at Blog post on Mozilla.
Malicious add-ons affect all browsers to some extent. this summer Digi.no . reported About a sharp increase in malicious Chrome extensions, and according to Google, the number of malicious extensions disabled by Chrome has increased by as much as 81 percent over the past year.
As reported by Digi.no Hundreds of Chrome extensions with millions of downloads have secretly extracted user data. Google has in the past Introduced a pause in publishing new browser extensions In the Chrome Store after widespread customer scams were discovered with the Chrome extension.
“Web specialist. Lifelong zombie maven. Coffee ninja. Hipster-friendly analyst.”