Mozilla Add-ons Serving Malware
by Frank Jovine on 02/08/2010 in Security, Virus Threats
The most embarrassing thing about all this is that these infected experimental add-ons have been available for download for several months. How can Mozilla be unaware of this for that long?
According to Mozilla, version 4.0 of Sothink Web Video Downloader is infected with password sniffer Win32.LdPinch.gen and Master Filer is infected with the backdoor Trojan Win32.Bifrose. This Malware has infected Windows systems following installation of the infected browser add-on.
Uninstalling the add-on will not remove the infection from your computer. Mozilla lists several anti-virus programs in its advisory that are able to recognize the Malware and remove it from the infected computer.
Both infected add-ons have been downloaded a total of 4,600 times from the Mozilla official download site. The infected add-ons were only discovered and removed, on January 25 and February 2, following use of additional anti-virus scanning software by Mozilla.
Users shouldn’t panic as only a small amount of computers were infected. It’s more than likely that your antivirus software will recognize and remove the infection.
Ben
Feb 8th, 2010
I’ve been downloading a lot of add-ons recently since the release of Firefox 3.6. I’m glad I didn’t get either of those.
Frank Jovine
Feb 8th, 2010
Ben,
I use about 7 add-ons and I am glad I didn’t get infected as well.
Andrew@BloggingGuide
Feb 8th, 2010
The only thing I do with my Mozilla firefox browser is to upgrade it. Lucky thing, I’m not really into add-ons. Good thing that only a few computers were infected but even if this is the case, mozilla should be more aware of the situation of their product if they don’t want to lose users and followers.
Sandrina
Feb 9th, 2010
Hm, well maybe there are more infected add-ons out there or some viruses targeting them, because recently I had problems with Trojans on my computer which were changing settings on some of my add-ons. After removing suspicious add-ons they disappeared or at least I hope they did.
JK@Techtrickz
Feb 9th, 2010
I heard that Mozilla has a strong malware checking strategy, but why this happened?
I think now we have to think twice before installing any new add-on from Mozilla.
Frank Jovine
Feb 9th, 2010
JK,
I wonder how many other add-ons are infected. I use the same 5 add-ons and I trust what I am using only because I test everything before I install it on a test PC.
Teasastips
Feb 9th, 2010
thx Frank for the heads up.
Frank Jovine
Feb 9th, 2010
Teasa,
That’s why I am doing what I am doing.
Twin
Feb 12th, 2010
I can’t believe Mozilla allowed this to happen. Luckily, I do not think that I downloaded either of those two add-ons. Come on Mozilla, you’re better than that.
Frank Jovine
Feb 12th, 2010
Twin,
I am loving the new Chrome…OMG!
Raleigh fences
Feb 12th, 2010
Exactly one of the main reasons I love Mac’s. No need to say anymore.
Frank Jovine
Feb 12th, 2010
Sure there is! Macs are getting just as much attention from the underground.
blogcosep
Feb 13th, 2010
waaaa, Thank you for sharing it.. I’d better shift to mac right now..
kanishk
Feb 17th, 2010
I use about 7 add-ons and I am glad I didn’t get infected as well and i like to recommend Mozilla.
kkOr4b
Feb 21st, 2010
I had installed mozilla firefox for 2 years and during this period of time I had installed about 40 add-ons of Mozilla but like the one of comments i’m glad that I didn’t get any infections this I say because Imy antivirus doesn’t detect any malware infections.
Dia
Feb 21st, 2010
I had more than 20 add-ons but I didn’t get infected as well
koora
Feb 22nd, 2010
merciiiiiiiiiiiiiiiii
Merchant Capital Cash
Feb 24th, 2010
Thanks for sharing this, never think that the addon on the official site of mozilla can be afftected by the malware…
applied cognitive psychology
Feb 25th, 2010
Really the most embarrassing thing about all this is that these infected experimental add-ons have been available for download…….
Mozilla very best browser then all browser.
Thank you