Over the past two weeks, Mozilla security team banned 197 Firefox add-ons that contained malicious code for data theft and more.
Add-ons were banned and removed from the Mozilla Add-on (AMO) portal to prevent new installations, but were automatically disabled in the browsers of users who had installed them.
Found 129 add-ons developed by the 2Ring company, and the supplier software B2B. The ban was imposed because the plugins were downloading and running code from a remote server.
According to Mozilla regulations, add-ons must contain the same code as the one installed by the terminal user and not perform dynamics λήψη code from remote locations. Mozilla has now begun to strictly enforce this regulation throughout its ecosystem.
The Firefox company has discovered six additional add-ons developed by Tamo Junto Caixa and three add-ons which were considered fake premium products (their names were not released to the public).
Prohibitions were also imposed on the illegal collection of data by users. Mozilla staff have banned an anonymous add-on, WeatherPool and Your Social, Pdfviewer - tools, RoliTrade, and Rolimons Plus
But there were bans on malicious behavior. Mozilla security team has banned 30 add-ons that display various types of malicious behavior.
Mozilla only listed add-on IDs, not their names, so developers can request that the ban be lifted after removing the malicious behavior. One add-on that went through this process was the Like4Like.org Addon, which was initially removed because the security team thought it was collecting and submitting user credentials or social media tokens to another site.