Mozilla Bans 197 Malicious Firefox Add-Ons Amidst Crackdown

In the past weeks, Mozilla has banned 197 Firefox add-ons for malicious activity. Not only have they removed the add-ons from the extension list but they also disabled them for current users.

Mozilla Banned Firefox Add-Ons

Reportedly, Mozilla has recently banned a large number of Firefox browser extensions for malicious activity. The tech giant has banned 197 different add-ons in the previous weeks, which were found running malicious code.

Among these, around 129 extensions belonged to 2Ring, which Mozilla removed for executing remote code. This is something in contrast to Mozilla’s policy which does not allow downloading dynamic codes from remote servers. For the same reason, Mozilla also banned six extensions belonging to Tamo Junto Caixa, and three other ‘fake premium products’.

Similarly, they also banned thirty other add-ons for exhibiting malicious behavior on third-party websites. Other banned extensions include five add-ons for collecting search terms and intercepting searches, and separate batches of two, nine, and three add-ons for using obfuscated codes.

Other reasons that triggered a ban on various add-ons include the illegal collection of users’ data. These add-ons include an un-named extension, WeatherPool and Your Social, Pdfviewer – tools, RoliTrade and Rolimons Plus.

The firm also banned FromDocToPDF for “loading remote content into new tab page”, and Fake Youtube Downloader for installing malware.

What About Current Users?

For added users’ security, Mozilla has not only removed the malicious add-ons but has banned the developer accounts from the Mozilla Add-on (AMO) portal to prevent re-installs.

This removal also affects the current users of the extensions, since Mozilla has disabled them too.

This move seems a continuation of Mozilla’s robust review of browser extensions for protecting users’ privacy. In December 2019, Mozilla also removed Avast and AVG extensions from Firefox for potentially spying on users. Nonetheless, they later restored the extensions following the developers’ appeal.

Let us know your thoughts in the comments.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients