Mozilla’s security team has been busy the past two weeks, removing add-ons caught stealing user data and executing malicious code.
In a crusade to “make browsing smarter, safer, and faster,” the Firefox administrators decommissioned around 200 extensions and add-ons that posed security risks for users. Plugins with hidden features that may compromise user privacy or security were flagged and removed during the assessment.
More than half of the banned add-ons were developed by B2B software developer 2Ring. Researchers found that the add-ons promoted by the company were actually executing code from a remote server.
Add-ons found illegally collecting user data, such as WeatherPool and Your Social, Pdfviewer – tools, RoliTrade, and Rolimons Plus, suffered the same fate. Mozilla’s Add-on Policy states: “If you are collecting any personal information, the user must provide affirmative consent (i.e., explicit opt-in from the user). It must be clear to the user that they give consent to the collection of personal data.”
The research team also found a batch of 30 add-ons (currently unnamed) that violated the add-on policies with various types of malicious behavior. Unauthorized collection of search terms going to a third-party search provider also warranted a ban for add-ons such as EasySearch for Firefox, EasyZipTab, FlixTab, ConvertToPDF, and FlixTab Search.
Other notable mentions include the FromDocToPDF add-on, found loading remote content into Firefox’s new tab page, and Fake Youtube Downloader, disabled for attempting to “install other malware” in the browser. During the banning stage, Mozilla also disabled the plugins in the browsers of users who had previously installed them.
Although “Mozilla may reject or block affected versions or entire add-ons that don’t meet the policies”, any add-on developer can file an appeal.