Fake extensions that inject malware are a major problem on the Firefox extensions gallery, report shows

Firefox approves extensions without screening for malware.

Mozilla doesn’t allow free speech on the Extensions Gallery but it allows malware.

It looks like Mozilla may need to revise the process, adopted in 2017, for uploading new extensions to its Firefox Extension Store. Under this model, extensions are published on the store first, and only afterwards does Mozilla review whether they are legitimate or anomalous.

At first glance, the process seems fine. A second look tells you otherwise, since some of the supposed extensions are actually spam extensions using the names of popular and legitimate Firefox extensions. When installed, they listen to user input and direct users to third-party websites. The genuine extensions differ from them in file size and functionality.

According to a report from Ghacks, new extensions listed in the Firefox Extension Store have no descriptions, and yet they require access to all websites.

source: ghacks.net

Users who download these extensions would notice that the names of the extensions do not match the downloaded file names. The store listings for these new extensions show no users, and the extensions seem to have been uploaded by random users.
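The warning signs described above (no description, access to all websites, a name that does not match the downloaded file, no users) can be checked before an extension is installed. The Python sketch below is an added example, not code from Ghacks or Mozilla; the function names, flag labels and sample packages are constructed for illustration, and the user count is assumed to be copied from the store listing.

```python
import io, json, re, zipfile

# Host patterns that grant an extension access to every website.
ALL_SITES = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

def _norm(text):
    """Lowercase and drop non-alphanumerics so names compare loosely."""
    return re.sub(r"[^a-z0-9]", "", text.lower())

def triage_xpi(xpi_bytes, file_name, users=None):
    """Return warning flags for one extension package (an .xpi is a zip)."""
    with zipfile.ZipFile(io.BytesIO(xpi_bytes)) as z:
        manifest = json.loads(z.read("manifest.json"))
    flags = []
    if not (manifest.get("description") or "").strip():
        flags.append("no-description")
    # Manifest V2 puts host patterns in "permissions", V3 in "host_permissions".
    perms = set(manifest.get("permissions", [])) | set(manifest.get("host_permissions", []))
    if perms & ALL_SITES:
        flags.append("all-sites-access")
    name = _norm(manifest.get("name", ""))
    stem = _norm(file_name.rsplit(".", 1)[0])
    # Flag only when neither the listed name nor the file stem contains the other.
    if name and stem and name not in stem and stem not in name:
        flags.append("name-file-mismatch")
    if users == 0:  # user count comes from the store page, not the package
        flags.append("no-users")
    return flags

def make_xpi(manifest):
    """Build an in-memory .xpi holding only manifest.json (constructed sample)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("manifest.json", json.dumps(manifest))
    return buf.getvalue()

# Constructed samples: one showing every warning sign, one showing none.
SUSPECT = make_xpi({"manifest_version": 2, "name": "Popular Ad Blocker",
                    "version": "1.0", "permissions": ["<all_urls>", "webRequest"]})
BENIGN = make_xpi({"manifest_version": 2, "name": "Tab Counter", "version": "2.1",
                   "description": "Shows the number of open tabs.",
                   "permissions": ["tabs"]})

if __name__ == "__main__":
    print(triage_xpi(SUSPECT, "update_x9.xpi", users=0))
    print(triage_xpi(BENIGN, "tab_counter-2.1.xpi", users=1200))
```

A flagged package is a candidate for manual inspection and reporting; none of these signs alone proves an extension is malicious.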

Mozilla would remove these extensions only if it notices them, or perhaps when users report the anomalous extensions. But this happens only after users have been hit by the malware the fake extensions bring. Therein lies the flaw of Mozilla’s policy of “publish first, review second.” Perhaps Mozilla needs to consider switching back to the original “review first, publish second,” if only to remedy the recent wave of malware attacks.

While the process allows faster publication of extensions and plugins, it is vulnerable to spam and malicious extensions. Google employs the same process and does not even review extensions manually. Hence it was hit harder by fake extensions in recent years. Although Firefox may not be as popular as the Google Chrome browser right now, there is still a significant number of loyal Firefox users who are vulnerable to such malware attacks.

The least Mozilla can do for its loyal users is to provide some security protection, such as this one, against malicious extensions that are silently attacking them.