Mozilla has confirmed that it overlooked two add-ons containing malicious code and allowed them onto its official website, which led to the infection of approximately 4,600 users. Both add-ons have now, naturally, been removed from the official Firefox add-ons site.
According to the Mozilla blog post on add-ons, Sothink Web Video Downloader 4.0 and all versions of Master Filer contained a Trojan horse. Both add-ons were listed in the "experimental" section, i.e. users received an additional warning about the risk before downloading.
Master Filer was downloaded approximately 600 times over 5 months (the add-on's last day on the site was January 25, 2010). Sothink Web Video Downloader 4.0 was downloaded about 4,000 times from February to May 2008 (!)...
The Trojan could only harm users running Windows; Linux and Mac users were not affected.
Mozilla acknowledged that its own security system was at fault. “All add-ons are checked for viruses before they become available for download. A virus scan program could not detect one in Master Filer.” Only after several new tools were added to scan new add-ons and all add-ons on the site were re-checked was malicious code found in Sothink Web Video Downloader 4.0, which was removed from the site this Thursday (February 4).
Mozilla encourages all Firefox users who have downloaded one of these two add-ons to remove it urgently and to run a full scan of their computer with their antivirus.
There is no particular information on the Internet about the author of the Master Filer add-on, who works under the nickname "haklinim". SourceTec Software, the developers of Sothink Web Video Downloader, are based in China; at least, the contact number listed on their website is Chinese. The company did not comment on the fact that their add-on was infected.
Mozilla made its official statement on Thursday morning. That same evening, the Firefox developers refused to answer any questions, including the most common ones: why the malicious code was not detected in Sothink Web Video Downloader back in 2008, and whether any attempt was made to identify and warn specifically those users who downloaded the infected add-ons.
Although both add-ons have been removed from the Firefox site, later versions of Sothink Web Video Downloader are still available for download on many other resources. The infected version 4.0, however, was available not only on the Firefox site but also in other places, for example on Download.com.
This is not the first such case. In May 2008, a worm was found in the Vietnamese language pack, which was downloaded 17,000 times. The then head of the security department, Window Snyder, said that the incident did not hurt users much and that the number and frequency of virus checks on add-ons would increase to prevent similar situations in the future.