Mozilla’s security team has been busy the past two weeks,
removing add-ons caught stealing user data and executing malicious code.
In a crusade to “make browsing smarter, safer, and faster,”
the Firefox administrators decommissioned
around 200 extensions and add-ons that posed security risks for users.
Plugins with hidden features that may compromise user privacy or security were
flagged and removed during the assessment.
More than half of the bans involved add-ons developed
by B2B software developer 2Ring. Researchers found that the add-ons promoted by
the company were actually executing code from a remote server.
Add-ons found illegally collecting user data, such as WeatherPool
and Your Social, Pdfviewer – tools, RoliTrade, and Rolimons Plus, suffered the
same fate. Mozilla’s Add-on
Policy states, “If you are collecting any personal information, the
user must provide affirmative consent (i.e., explicit opt-in from the user). It
must be clear to the user that they give consent to the collection of personal
The research team also found a batch of 30 add-ons (currently unnamed) that violated the add-on policies with various types of malicious behavior. Unauthorized collection of search terms going to a third-party search provider also warranted a ban for add-ons such as EasySearch for Firefox, EasyZipTab, FlixTab, ConvertToPDF, and FlixTab Search.
Other notable mentions include the FromDocToPDF add-on, found loading
remote content into Firefox’s new tab page, and Fake Youtube Downloader,
disabled for attempting to “install other malware” in the browser. During the
banning stage, Mozilla also disabled the plugins from the browser of users who previously
Although “Mozilla may reject or block affected versions or
entire add-ons that don’t meet the policies”, any add-on developer can set an