Mozilla performs antivirus scans on add-ons that are added by developers to the add-on repository. These add-ons are then offered as experimental add-ons until they pass a human review which adds them fully to the add-on directory.
It came to light today that two add-ons that have been offered at the add-on repository had been infected with malware that would load a trojan if the host computer ran the Windows operating system.
The two infected add-ons where found after Mozilla added a new antivirus scan engine to the site and performed a scan of all available add-ons.
The infected add-ons are Sothink Web Video Downloader 4.0 and Master Filer which both contained the trojan Win32.Bifrose.32.Bifrose.
Two experimental add-ons, Version 4.0 of Sothink Web Video Downloader and all versions of Master Filer were found to contain Trojan code aimed at Windows users. Version 4.0 of Sothink Web Video Downloader contained Win32.LdPinch.gen, and Master Filer contained Win32.Bifrose.32.Bifrose Trojan. Both add-ons have been disabled on AMO.
Firefox users who have downloaded and installed the add-ons should uninstall them immediately and perform a thorough scan for malicious software on their computer system. Most modern up to date antivirus software programs, such as Avast or AVG, can detect and remove the trojan from the computer system.
Both add-ons were downloaded a total of 4600 times from the Mozilla website and an unknown amount of times from other websites that offered the add-ons.
Mozilla seems to have learned from the malware infection as they have increased the number of different malware scanning engines from one to three with the probability that more will be added in the future. The frequency of regular scans was also increased according to Techworld information.
Linux and Mac users are not affected by the trojan even if they have downloaded the add-ons.
Continua a leggere – Original Link: Mozilla Promises Better Virus Scanning After Virus Faux Pas