Mozilla yanks infected add-ons, warns users
Mozilla on Friday pulled two programs from its Firefox browser add-on site for containing malware. Sothink Web Video Downloader 4.0 and all versions of Master Filer were found to contain Trojan horse code aimed at Windows users.
In a blog post, Mozilla stated that the Master Filer add-on was able to bypass AMO's security tests.
Mozilla user CatThief discovered the threat, it said. And when Mozilla added two more security checks to its vetting process and rescanned its entire catalog, it discovered that version 4 of the Sothink Web Video Downloader also contained a Trojan horse program.
Sothink Web Video Downloader contained Win32.LdPinch.gen, and Master Filer contained Win32.Bifrose.32.Bifrose.
Master Filer was removed from Mozilla's Firefox add-on site on January 25, and the Sothink video downloader was removed on Tuesday.
Sothink Web Video Download 5.5.90819 had been a mildly popular Firefox add-on
Because the Trojan horse programs are tied to Firefox, Mozilla warns, host computers won't be infected until Firefox started. Uninstalling either add-on is only part of the solution, if the infection has already attacked the host computer.
Mozilla recommends that users who suspect that they are infected use one of the following security applications to sweep and clean their computers after uninstalling the threatening add-on:
Antiy-AVL
Avast
AVG
GData
Ikarus
K7 AntiVirus
McAfee
Norman
VBA32
Mozilla on Friday pulled two programs from its Firefox browser add-on site for containing malware. Sothink Web Video Downloader 4.0 and all versions of Master Filer were found to contain Trojan horse code aimed at Windows users.
In a blog post, Mozilla stated that the Master Filer add-on was able to bypass AMO's security tests.
Mozilla user CatThief discovered the threat, it said. And when Mozilla added two more security checks to its vetting process and rescanned its entire catalog, it discovered that version 4 of the Sothink Web Video Downloader also contained a Trojan horse program.
Sothink Web Video Downloader contained Win32.LdPinch.gen, and Master Filer contained Win32.Bifrose.32.Bifrose.
Master Filer was removed from Mozilla's Firefox add-on site on January 25, and the Sothink video downloader was removed on Tuesday.
Sothink Web Video Download 5.5.90819 had been a mildly popular Firefox add-on
Because the Trojan horse programs are tied to Firefox, Mozilla warns, host computers won't be infected until Firefox started. Uninstalling either add-on is only part of the solution, if the infection has already attacked the host computer.
Mozilla recommends that users who suspect that they are infected use one of the following security applications to sweep and clean their computers after uninstalling the threatening add-on:
Antiy-AVL
Avast
AVG
GData
Ikarus
K7 AntiVirus
McAfee
Norman
VBA32
