Mozilla Add-on Extension Steals Login Details
Mozilla has removed a Firefox extension that had been in its add-on repository for the last month, after the revelation that it stole users' login details. A legitimate extension was also added to the blacklist owing to a vulnerability that allowed malicious code to be executed remotely.
The extension, referred to as 'Mozilla Sniffer', transmits submitted information to a remote location. It is therefore a password-stealing program that transmits information from the user's computer.
The extension was posted on the AMO website (addons.mozilla.org) on June 6, 2010. It stole login details for any website and transmitted the information to a third-party server.
Mozilla said that after the malicious extension was discovered on July 12, 2010, the add-on was deactivated and added to the blacklist. The objective of adding the extension to the blacklist was to inform users that they should uninstall it, as reported by Softpedia on July 14, 2010.
The security researchers said that the add-on was going through the testing phase and that all users who had installed it should have received a warning: "IT IS UNREVIEWED." Unreviewed add-ons were scanned to detect viruses, malware, trojans and other kinds of malicious code, but only a few could be identified during the review process, said Mozilla, as reported by CNET News on July 14, 2010.
Although the add-on was in the testing phase, it had been downloaded 1800 times. Moreover, the website where the stolen details were kept is currently offline. Experts advised all users who had downloaded the add-on to change their passwords immediately.
Mozilla also disclosed another vulnerable add-on, known as CoolPreviews, which might expose users to hackers.
Besides, this is not the first time that a Mozilla add-on has been attacked. In the past, two Firefox add-ons were missed by the company's security check and corrupted approximately 4,600 Windows computers, as reported by ZDNet on February 5, 2010.
» SPAMfighter News - 27-07-2010