HomesecurityMozilla: Blocks malicious add-ons that have been installed 455.000 times

Mozilla: Blocks malicious add-ons that have been installed 455.000 times

Mozilla has ruled out malicious add-ons Firefox which had been installed by about 455.000 users after it was discovered in early June that they had misused the proxy API to block Firefox updates.


See also: Mozilla: The new Chrome feature lets you monitor

The additives Bypass and Bypass XM, used the API to intercept and redirect web requests to block users from receiving updates, remotely updating content, and accessing updated blocking lists.

"Starting with Firefox 91.1 now includes changes that return to direct connections when Firefox makes a significant request through a failed proxy configuration. Ensuring the successful completion of these requests helps us to provide the latest important updates and security to our users" they said The Rachel Tublitz and Stuart Colville Mozilla

To block similar malicious add-ons from abusing the API, Mozilla has added a system add-on called Proxy Failover. This new add-on prevents attempts to interfere with media in current and older versions of Firefox.

While Mozilla did not say whether the two add-ons did anything else malicious in the background, they may have used a reverse proxy to bypass sites with paywalls. However, the add-ons also had Mozilla's domain on the paywall list, which also accidentally blocked browser updates.

See also: Mozilla disables FTP support in Firefox 88

malicious additives

How to make sure you are not affected

Mozilla advises users to update their browsers to at least the latest version (Firefox 93), which can ensure that they are protected from add-ons that abuse the proxy API.

Microsoft Defender is the only anti-malware solution that detects add-ons maliciously, adding them as BrowserModifier: JS / BypassPaywall.A.

If you are not running Firefox 93 and have not turned off browser updates, you may be affected by this issue. To be sure, try updating Firefox to the latest versions, as it includes an updated block list that is designed to automatically disable these malicious add-ons.

If you still can't update Firefox, you also have the option to find add-ons that prevent you from upgrading to a newer version and remove them by following these steps:

  • Visit the Troubleshooting Information page.
  • In the Add-ons section, search for one of the following entries:
  • Name: Bypass
  • Αναγνωριστικό: {7c3a8b88-4dc9-4487-b7f9-736b5f38b957}
  • Name: Bypass XM
  • Αναγνωριστικό: {d61552ef-e2a6-4fb5-bf67-8990f0014957}

See also: Firefox bypasses the default browser settings of Windows 11

note: Make sure the IDs match exactly as there may be other, unrelated add-ons that use these or similar names. If none of these IDs appear in the list, you are not affected.

If you want to make sure there are no traces left, you can also refresh Firefox to restore all add-ons and settings, or start over by downloading and installing a new copy of Firefox.

Absent Mia
Being your self, in a world that constantly tries to change you, is your greatest achievement