Over the last two weeks, Mozilla’s add-on review team has blocked 197 Firefox add-ons that caught running malicious code, stealing user data, or shielding their source code.
The add-ons were prohibited and deleted from the Mozilla Add-on (AMO) site to prevent new installs, but were also disabled in the app browsers that installed them already.
The brunt of the prohibition has been imposed on 129 drugs produced by the B2B software provider 2Ring. The ban was implemented as the add-ons downloaded and executed code from a remote server.
Following Mozilla’s rules, add-ons must include all of their content and not dynamically import data from remote locations. Recently, Mozilla has strictly enforced this law over its whole additional ecosystem.
A similar ban was also placed on the installation and the remote application execution of Firefox users against six Tamo Junto Caixa add-ons and three add-ons that were deemed to be bogus premium items (their names had not been share).
Prohibitions were also levied for illegal user data collection. The unidentified extension, WeatherPool and Your Web, Pdfviewer-tools, RoliTrade and Rolids Plus was prohibited by the Mozilla team.
Yet aggressive activity was also prohibited. Mozilla testers removed 30 products showing different forms of harmful behaviour.
Mozilla just mention the add-on Identifiers and not their titles, so users can call for a ban to disable harmful behaviour. One of the add-ons that survived the appeal process was Like4Like.org Addon, which was initially supposed to obtain and apply social media websites user credentials or tokens.
Some questionable behavior, which Mozilla engineers believed was to load remote material to the new tab page in Firefox, was discovered in the FromDocToPDF add-on.
False Youtube Downloader is also excluded from a Firefox add-on because it threatens to mount certain malware in the client.
Add-ons such as EasySearch for Firefox, EasyZipTab, FlixTab, ConvertToPDF, and FlixTab Search were not allowed, an obviously prohibitive violation, to catch and gather search terms.
Last but not least, Mozilla’s security personnel have blocked 2, 9, and 3 add-ons that were detected using cryptic coding, a tactic used to render add-on creators difficult to read their code in order to hide malicious behavior.