Mozilla has issued users with a warning that two add-on available from the official Add-ons website (addons.mozilla.org) contained code that infected Windows PCs.
Two add-ons are affected:
- Master Filer - Infected with a password-stealing Trojan called Win32.LdPinch.gen
- Sothink Web Video Downloader - Infected with a backdoor Trojan called Win32.Bifrose.32.Bifrose
Here’s what Mozilla has to say:
If a user installs one of these infected add-ons, the trojan would be executed when Firefox starts and the host computer would be infected by the trojan. Uninstalling these add-ons does not remove the trojan from a user’s system. Users with either of these add-ons should uninstall them immediately. Since uninstalling these extensions does not remove the trojan from a user’s system, an antivirus program should be used to scan and remove any infections.
It is believed that some 4,600 users have been infected.
Mozilla does scan all uploaded add-ons for malware, and blocks any that are infected. However, in this case the process failed. Now Mozilla has added two new malware detection tools to the scan chain to offer additional protection. It was at this stage that the malware hidden in the Sothink Web Video Downloader was discovered.
Bottom line, it’s unwise to rely solely on scanning done by a third-party.
News 6 months ago
