Mozilla Add-on Extension Steals Login Details

Mozilla has disabled a Firefox extension that had been in its add-on repository for the last month, after the revelation that it stole users' login details. A legitimate extension was also added to the blacklist owing to a vulnerability that allowed malicious code to be executed remotely.

This extension, referred to as 'Mozilla Sniffer', transmits submitted information to a remote location. It is therefore a password-stealing program that transmits information from the user's computer.

The extension was posted on the AMO website (addons.mozilla.org) on June 6, 2010. It stole login details for any website and transmitted the information to a third-party server.

Mozilla said that after the malicious extension was discovered on July 12, 2010, the add-on was deactivated and added to the blacklist. The objective of adding the extension to the blacklist was to prompt users to uninstall it, as reported by SOFTPEDIA on July 14, 2010.

The security researchers said that the add-on was in the testing phase and that all users who had installed it should have received a warning - "IT IS UNREVIEWED." Unreviewed add-ons were scanned to detect viruses, malware, trojans and other kinds of malicious code, but only some malicious code could be identified during the review process, said Mozilla, as reported by CNET News on July 14, 2010.

Although the add-on was in the testing phase, it had been downloaded 1800 times. Moreover, the website where the stolen details were kept is currently offline. The experts advised all users who had downloaded the add-on to change their passwords immediately.

Mozilla also disclosed another vulnerable add-on, known as CoolPreviews, which might expose users to hackers.

This vulnerability could be exploited with the help of a specially crafted hyperlink. If the user moves the mouse over the hyperlink, remote JavaScript code is downloaded and run with local chrome privileges. This script helps in taking control of the compromised computer.

Besides, this is not the first time a Mozilla add-on has been attacked. In the past, two Firefox add-ons were missed by the company's security check and corrupted approximately 4,600 Windows computers, as reported by ZDNet on February 5, 2010.


» SPAMfighter News - 27-07-2010

 
