Nearly 200 Firefox add-ons banned by Mozilla in the past weeks
By MYBRANDBOOK
Mozilla's add-on review team has banned close to 197 Firefox add-ons that were caught executing malicious code, stealing user data, or using obfuscation to hide their source code, over the past few weeks.
The add-ons have not only been banned and removed from the Mozilla Add-on (AMO) portal to prevent new installs, but they have also been disabled in the browsers of the users who already installed them.
The bulk of the ban was levied on 129 add-ons developed by 2Ring, a provider of B2B software. The ban was enforced because the add-ons were downloading and executing code from a remote server.
According to Mozilla's rules, add-ons must self-contain all their code, and not download code dynamically from remote locations. Mozilla has recently begun strictly enforcing this rule across its entire add-on ecosystem.
A similar ban for downloading and executing remote code in users' Firefox browsers was also levied against six add-ons developed by Tamo Junto Caixa, and three add-ons, whose names have not been disclosed, were deemed fake premium products.
Bans were also levied for illegally collecting user data. Mozilla staff banned an unnamed add-on, WeatherPool and Your Social, Pdfviewer - tools, RoliTrade, and Rolimons Plus.
But there were also bans for malicious behaviour. Mozilla reviewers banned 30 add-ons that exhibited various types of malicious behaviour.
Mozilla listed only the add-on IDs, not their names, so add-on developers can appeal the ban and remove the malicious behavior. One add-on who passed the appeal process was the Like4Like.org Addon, initially believed to be collecting and submitting user credentials or tokens of social media websites to another website.
Other shady behaviour was spotted in the FromDocToPDF add-on, which Mozilla engineers said was loading remote content into Firefox's new tab page.
A Firefox add-on named Fake Youtube Downloader was also banned for attempting to install other malware in users' browsers.
Add-ons like EasySearch for Firefox, EasyZipTab, FlixTab, ConvertToPDF, and FlixTab Search were banned for intercepting and collecting user search terms, a clearly bannable offense.
Last, but not least, Mozilla's security staff also banned a batch of two, nine, and three add-ons that were caught using obfuscated code, a technique through which add-on developers make their code hard to read, for the purpose of hiding malicious behaviour.
BHIM to join e-commerce, competing with PhonePe and Google Pay
The government-supported payment software BHIM is getting ready to join t...
The latest version of X helps prevent deepfakes on social medi
To combat deepfakes and shallowfakes, Elon Musk revealed a new update t...
India and Namibia collaborate on a payment system similar to U
Once operational, the platform will enable digital transactions in Namibia,...
Sebi issues show-cause notices to six Adani group firms
Sebi issued show-cause notices to six Adani Group firms, including Adani ...
RAMCO SYSTEMS Ltd.
LUMINOUS POWER TECHNOLOGIES PVT. LTD.
SAFE SECURITY SERVICES PVT. LTD.
AGGRESSIVE ELECTRONICS MANUFACTURING SERVICES PVT. LTD.
Technology Icons Of India 2023: Sachin Bansal
Sachin Bansal’s fintech startup, Navi Technologies, simplifies loan ...
Technology Icons Of India 2023: Kumar Mangalam Birla
Aditya Birla Group chairman Kumar Mangalam Birla’s return to Vodafon...
Technology Icons Of India 2023: Lt Gen (Dr.) Rajesh Pant (Retd.)
LT Gen(Dr.) Rajesh Panth (Retd.), National cyber security coordination...
GeM maintains transparency in online procurement of goods & services
Created in a record time of five months, Government eMarketplace is a ...
NIC bridging the digital divide and supporting government in eGovernance
The National Informatics Centre (NIC) is an Indian government departme...
New defence PSUs will help India become self-reliant
MIL, India’s biggest manufacturer and market leader is engaged in Pr...
IRIS GLOBAL SERVICES PVT. LTD.
Iris Global services is one of the leading distribution houses that d...
TECHNOBIND SOLUTIONS PVT. LTD.
TechnoBind’s business model is focused on identifying and partnering...
M. TECH SOLUTIONS (I) PVT. LTD.
M.Tech is a leading cyber security and network performance solutions ...