Update on the Two Infected Add-ons Mozilla Discovered
Article by George Norman
On 10 Feb 2010
Last week the Mozilla Foundation announced that two add-ons hosted on addons.mozilla.org (referred to as AMO) contained Trojan code aimed at Windows users. The two add-ons in question were Sothink Web Video Downloader (just version 4.0) and Master Filer (all versions). Mozilla explained at the time that its anti-malware scanning tools failed to detect the threat, but once it was uncovered the two add-ons are malicious, they were pulled off AMO.

Mozilla advised Firefox users that downloaded the add-ons to uninstall them. Users were also advised to get a capable antivirus application, scan their system and remove the Trojan that came bundled with the add-ons. The Mozilla Foundation specified these antivirus applications: Antiy-AVL, Avast, AVG, GData, Ikarus, K7AntiVirus, McAfee, Norman, and VBA32.


Just to put things in perspective, the Master Filer add-on was downloaded about 600 times from September ’09 until January ’10. The Sothink Web Video Downloader add-on, version 4.0, was downloaded about 4,000 times between February 2008 and May 2008.

That’s what we knew so far; now here’s the update. Turns out the Master Filer add-on was genuinely malicious, users that downloaded it may have had they system compromised by a Trojan. But Sothink Web Video Downloader version 4.0 did not contain Trojan code. It was all a false positive.

“We’ve worked with security experts and add-on developers to determine that the suspected Trojan in Version 4.0 of Sothink Video Downloader was a false positive and the extension does not include malware. The same investigation also confirmed that the Master Filer extension included a valid instance of a Trojan. Our estimate of 6,000 affected downloads has been revised to under 700. The Sothink Video Downloader has been re-enabled on AMO. We apologize to our users and the developers of Sothink for any inconvenience this has caused,” explained the Mozilla Add-ons team.

Tags: Mozilla, Add-ons, AMO, Trojan, Security
About the author: George Norman
George is a news editor.
You can follow him on Google+, Facebook or Twitter

I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 17 Aug 2017
With the blockbuster movie season upon us, Sony decided to celebrate the occasion with a sale: the Attack of the Blockbusters Sale that offers discounts of up to 50% (60% if you’re a PlayStation Plus member) on a ton of PS4 video games.
By George Norman on 17 Aug 2017
Samsung’s new T5 portable solid-state drive (PSSD) uses the latest 64-layer V-NAND technology, offers between 250GB and 2TB of storage capacity, has a lightweight and shock-resistant design that’s smaller than the average business card, and delivers industry-leading transfer speeds of up to 540 MB/s.
Related News
By George Norman on 14 Aug 2017
Firefox Send works with any modern web browser (not just Mozilla’s own), it lets you safely send files up to 1GB in size, and using it is a fairly simple process, as you can see in this how-to guide.
By George Norman on 02 Aug 2017
Voice Fill uses spoken language to enter queries into search engines. Notes is a built-in notepad that you can use to jot down ideas. And Send lets you send encrypted, self-destructing files over the internet.
By George Norman on 26 Jul 2017
Top-notch real-time protection against viruses doesn’t have to cost money, not if you go with the recently introduced Kaspersky Free antivirus solution. It may not come with a lot of bells and whistles, but it nicely covers all the basics and...
By George Norman on 31 Jul 2017
Are people taking better care of their passwords, or have their password habits changed for the worse? To get an answer to that question, data loss prevention software company Digital Guardian surveyed a thousand people about their password security habits and found that...
Sponsored Links
Hot Software Updates
Top Downloads
Become A Fan!
Link To Us!
Update on the Two Infected Add-ons Mozilla Discovered
HTML Linking Code