Update on the Two Infected Add-ons Mozilla Discovered
Last week the Mozilla Foundation announced that two add-ons hosted on addons.mozilla.org (referred to as AMO) contained Trojan code aimed at Windows users. The two add-ons in question were Sothink Web Video Downloader (just version 4.0) and Master Filer (all versions). Mozilla explained at the time that its anti-malware scanning tools failed to detect the threat, but once it was uncovered the two add-ons are malicious, they were pulled off AMO.
Mozilla advised Firefox users that downloaded the add-ons to uninstall them. Users were also advised to get a capable antivirus application, scan their system and remove the Trojan that came bundled with the add-ons. The Mozilla Foundation specified these antivirus applications: Antiy-AVL, Avast, AVG, GData, Ikarus, K7AntiVirus, McAfee, Norman, and VBA32.
Just to put things in perspective, the Master Filer add-on was downloaded about 600 times from September ’09 until January ’10. The Sothink Web Video Downloader add-on, version 4.0, was downloaded about 4,000 times between February 2008 and May 2008.
That’s what we knew so far; now here’s the update. Turns out the Master Filer add-on was genuinely malicious, users that downloaded it may have had they system compromised by a Trojan. But Sothink Web Video Downloader version 4.0 did not contain Trojan code. It was all a false positive.
“We’ve worked with security experts and add-on developers to determine that the suspected Trojan in Version 4.0 of Sothink Video Downloader was a false positive and the extension does not include malware. The same investigation also confirmed that the Master Filer extension included a valid instance of a Trojan. Our estimate of 6,000 affected downloads has been revised to under 700. The Sothink Video Downloader has been re-enabled on AMO. We apologize to our users and the developers of Sothink for any inconvenience this has caused,” explained the Mozilla Add-ons team.
Tags: Mozilla, Add-ons, AMO, Trojan, Security
Mozilla advised Firefox users that downloaded the add-ons to uninstall them. Users were also advised to get a capable antivirus application, scan their system and remove the Trojan that came bundled with the add-ons. The Mozilla Foundation specified these antivirus applications: Antiy-AVL, Avast, AVG, GData, Ikarus, K7AntiVirus, McAfee, Norman, and VBA32.
Advertising
Just to put things in perspective, the Master Filer add-on was downloaded about 600 times from September ’09 until January ’10. The Sothink Web Video Downloader add-on, version 4.0, was downloaded about 4,000 times between February 2008 and May 2008.
That’s what we knew so far; now here’s the update. Turns out the Master Filer add-on was genuinely malicious, users that downloaded it may have had they system compromised by a Trojan. But Sothink Web Video Downloader version 4.0 did not contain Trojan code. It was all a false positive.
“We’ve worked with security experts and add-on developers to determine that the suspected Trojan in Version 4.0 of Sothink Video Downloader was a false positive and the extension does not include malware. The same investigation also confirmed that the Master Filer extension included a valid instance of a Trojan. Our estimate of 6,000 affected downloads has been revised to under 700. The Sothink Video Downloader has been re-enabled on AMO. We apologize to our users and the developers of Sothink for any inconvenience this has caused,” explained the Mozilla Add-ons team.
Tags: Mozilla, Add-ons, AMO, Trojan, Security
I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 28 May 2012
Mozilla introduced a new program meant to educate millions of people, the Mozilla Webmaker program.
By George Norman on 26 May 2012
Piriform updated its products, making CCleaner less annoying and Defraggler a lot faster.Related News
By George Norman on 01 Mar 2012
It is never a good idea to reuse passwords and an especially bad one to use the same password for all your accounts. It’s a bad idea because if one account is compromised, all the accounts protected
By George Norman on 15 Mar 2012
Released as part of the Privacy Watchdog initiative, the Password Age Visualizer tells you which passwords are quite old and should be changed.
By George Norman on 14 Mar 2012
On the release update channel, Mozilla’s popular Firefox browser has been updated from version 10 to version 11
By George Norman on 05 Jan 2012
This is proof that there are a lot of threats on the web and the perfect example of why you should use a properly good security solution to secure your data against viruses and other malwareAdvertising
Hot Software Updates
Top Downloads
2.
Opera5.
Trillian8.
AIM9.
Skype10.
Ad-Aware12.
Nero13.
Google Earth14.
Picasa15.
Winamp16.
iTunes17.
RealPlayer18.
uTorrent19.
eMule20.
WinRAR21.
BitComet22.
WinZip23.
Shareaza24.
CCleaner25.
Recuva26.
Tweak UI27.
CuteFTP Home29.
Adobe Reader30.
NewsPiperBecome A Fan!
Link To Us!
Update on the Two Infected Add-ons Mozilla Discovered
HTML Linking Code
HTML Linking Code