Malware Found in Mozilla Firefox Add-ons Two Firefox Add-ons Contain Trojan Horses Sean Michael Kerner
Add-ons for Firefox have been a large reason for the browser's rise in popularity, but news of two add-ons containing Trojan malware may have some users second guessing the value of add-ons. Mozilla is warning Windows users to steer clear of the two add-ons. eSecurity Planet takes a look at the threat.
As it's grown in popularity, the open source Mozilla Firefox Web browser has fostered a broad ecosystem of add-ons that expand its functionality. As it turns out, though, that same ecosystem can also potentially expose users to risk.
Mozilla today disclosed that a pair of add-ons hosted on its addons.mozilla.org (AMO) site included Trojans. As a result, if a Windows user installed the add-ons, they would be infected by malware that could potentially steal their information.
The two infected add-ons are version 4.0 of Sothink Web Video Downloader and all versions of Master Filer download manager.
"This vulnerability is known to affect Firefox on Windows only, if either Master Filer or Version 4.0 of Sothink Web Video Downloader are installed," Mozilla wrote in a blog post confirming the security issue.
Mozilla recommends that potentially impacted Windows users — who may number in the thousands — run an antivirus program since simply uninstalling the affected add-ons does not remove the Trojans.
According to Mozilla, Master Filer has been downloaded 600 times while the Sothink Web Video Downloader has been downloaded 4,000 times. Mozilla removed Master Filer on Jan. 25, 2010 and Sothink Web Video Downloader on Feb. 2, 2010.
