Mozilla Add-ons Serving Malware

by on 02/08/2010 in Security, Virus Threats

Mozilla Add-ons InfectedThe most embarrassing thing about all this is that these infected experimental add-ons have been available for download for several months. How can Mozilla be unaware of this for that long?

According to Mozilla, version 4.0 of Sothink Web Video Downloader is infected with password sniffer Win32.LdPinch.gen and Master Filer is infected with the backdoor Trojan Win32.Bifrose. This Malware has infected Windows systems following installation of the infected browser add-on.

Uninstalling the add-on will not remove the infection from your computer. Mozilla lists several anti-virus programs in its advisory that are able to recognize the Malware and remove it from the infected computer.

Both infected add-ons have been downloaded a total of 4,600 times from the Mozilla official download site. The infected add-ons were only discovered and removed, on January 25 and February 2, following use of additional anti-virus scanning software by Mozilla.

Users shouldn’t panic as only a small amount of computers were infected. It’s more than likely that your antivirus software will recognize and remove the infection.

19 Responses to “Mozilla Add-ons Serving Malware”

  1. Ben

    Feb 8th, 2010

    I’ve been downloading a lot of add-ons recently since the release of Firefox 3.6. I’m glad I didn’t get either of those.

    • Frank Jovine

      Feb 8th, 2010

      Ben,

      I use about 7 add-ons and I am glad I didn’t get infected as well.

  2. Andrew@BloggingGuide

    Feb 8th, 2010

    The only thing I do with my Mozilla firefox browser is to upgrade it. Lucky thing, I’m not really into add-ons. Good thing that only a few computers were infected but even if this is the case, mozilla should be more aware of the situation of their product if they don’t want to lose users and followers.

  3. Sandrina

    Feb 9th, 2010

    Hm, well maybe there are more infected add-ons out there or some viruses targeting them, because recently I had problems with Trojans on my computer which were changing settings on some of my add-ons. After removing suspicious add-ons they disappeared or at least I hope they did.

  4. JK@Techtrickz

    Feb 9th, 2010

    I heard that Mozilla has a strong malware checking strategy, but why this happened?

    I think now we have to think twice before installing any new add-on from Mozilla.

    • Frank Jovine

      Feb 9th, 2010

      JK,

      I wonder how many other add-ons are infected. I use the same 5 add-ons and I trust what I am using only because I test everything before I install it on a test PC.

  5. Teasastips

    Feb 9th, 2010

    thx Frank for the heads up.

    • Frank Jovine

      Feb 9th, 2010

      Teasa,

      That’s why I am doing what I am doing. :)

  6. Twin

    Feb 12th, 2010

    I can’t believe Mozilla allowed this to happen. Luckily, I do not think that I downloaded either of those two add-ons. Come on Mozilla, you’re better than that.

    • Frank Jovine

      Feb 12th, 2010

      Twin,

      I am loving the new Chrome…OMG!

  7. Raleigh fences

    Feb 12th, 2010

    Exactly one of the main reasons I love Mac’s. No need to say anymore.

    • Frank Jovine

      Feb 12th, 2010

      Sure there is! Macs are getting just as much attention from the underground.

  8. blogcosep

    Feb 13th, 2010

    waaaa, Thank you for sharing it.. I’d better shift to mac right now..

  9. kanishk

    Feb 17th, 2010

    I use about 7 add-ons and I am glad I didn’t get infected as well and i like to recommend Mozilla.

  10. kkOr4b

    Feb 21st, 2010

    I had installed mozilla firefox for 2 years and during this period of time I had installed about 40 add-ons of Mozilla but like the one of comments i’m glad that I didn’t get any infections this I say because Imy antivirus doesn’t detect any malware infections.

  11. Dia

    Feb 21st, 2010

    I had more than 20 add-ons but I didn’t get infected as well

  12. koora

    Feb 22nd, 2010

    merciiiiiiiiiiiiiiiii

  13. Merchant Capital Cash

    Feb 24th, 2010

    Thanks for sharing this, never think that the addon on the official site of mozilla can be afftected by the malware…

  14. applied cognitive psychology

    Feb 25th, 2010

    Really the most embarrassing thing about all this is that these infected experimental add-ons have been available for download…….

    Mozilla very best browser then all browser.

    Thank you