Ayush BansalMozilla blocked malicious add-ons used by approx 455,000 users base. The development team said that in early June, Firefox discovered add-ons that were misusing the browser’s proxy API, to manage how the browser connects to the internet.
Add-ons are that software that can be installed to customize a user’s browsing experience and include various blockers like ads blockers and themes, utilities, etc.
These add-ons named ” Bypass and Bypass XM” were utilizing the API to intercept and redirect internet requests to block users from downloading updates, updating remotely configured content material.
Mozilla’s Rachel Tublitz and Stuart Colville said,
“To prevent more customers from being impacted by new add-on, we paused on approvals for add-ons that used proxy API till we fix this issue for make our service accessible to all the users”.
According to Mozilla, a particular user was unable to download updates, access updated blocklists. The add-ons were removed with the browser’s update functionality.
However, They also search for any other malicious purposes, like data theft or anything like that.
Beginning of Firefox 91.1, Firefox has adjustments to be in again to direct connections when it makes a necessary request through a proxy configuration that fails.
To block such malicious add-ons which abuse the same API, Mozilla added a system add-on that is hidden, impossible to disable, and can be updated restartlessely. This new add-on improvement prevents from interfering with the update mechanism current version and in older as well.
Mozilla teams say, “We take customer/user security at our priority at Mozilla”. Our process has both automated and manual reviews. We’re continuously working on improving the protection of Firefox users”.
How to make sure you’re not affected
If you don’t want to affect from this malicious activity then keep your browser updated to the latest version (Firefox 93).
“It’s a good choice, time and suggestion to maintian the upodate of your browser. Those who are using the Microsoft Window, ensure Microsoft Defender is working,” Tublitz and colville added that.