Monday, November 29, 2021

Firefox blocks malicious add-ons installed by half a million users

Proxy add-on prevented important updates

If you buy something through one of these links, we may earn an affiliate commission.

More BOX Amazon Deals

What just happened? Mozilla’s security blog announced this week that it discovered some add-ons were acting maliciously and that it decided to block them. The company estimates some 455,000 users might be affected. The security blog mentions two specific add-ons without detailing what they do.

On Monday, Mozilla said it discovered last June that some Firefox extensions were misusing its proxy API. It claims it prevented nearly half a million users who installed these add-ons from downloading updates, accessing updated blocklists, and updating remotely-configured content.

Not only has Mozilla blocked more Firefox users from installing these add-ons, but it has also paused approvals for extensions that use the proxy API. Starting with version 91.1, Firefox also started making important requests, such as downloading updates, through a direct connection whenever a proxy connection fails. Mozilla also released a system add-on called “Proxy Failover” (ID: [email protected]) to mitigate this problem further.

Firefox blocks malicious add-ons installed by half a million users
Firefox blocks malicious add-ons installed by half a million users

In its instructions for checking for and removing the add-ons, Firefox names two add-ons called “Bypass” and “Bypass XM” but does not detail what the extensions do. A Malwarebytes Labs security blog notes that the creators advertised the add-ons as ways to bypass paywall restrictions on websites.

Get the browser that protects what’s important Firefox

No shady privacy policies or back doors for advertisers. Just a lightning fast browser that doesn’t sell you out. Download Firefox

Mozilla says that Firefox users trying to check and see if those add-ons are installed on their browsers should click on the menu button and go to Help > More Troubleshooting Information. Then scroll down to “Add-ons.” In that section, search for the names “Bypass” (ID: {7c3a8b88-4dc9-4487-b7f9-736b5f38b957}) and “Bypass XM” (ID: {d61552ef-e2a6-4fb5-bf67-8990f0014957}). If you find those add-ons in the list, you should disable or remove them from the “Add-ons and themes” section of the Firefox menu.

Trending

More Articles Like This