Trojan code sneaks into two Mozilla add-ons

less than 1 minute read

Mozilla yesterday posted a notice on its AMO blog (that’s an acronym for their add-on site addons.mozilla.org) that two add-ons have been found infected with Trojan code: Sothink Web Video Downloader v. 4.0 and all versions of Master Filer.

Version 4.0 of Sothink Web Video Downloader contained Win32.LdPinch.gen and Master Filer contained Win32.Bifrose. According to the blog, Masterfiler was downloaded 600 times before it was removed from the site Jan. 25 and Sothink was downloaded more than 4,000 times before it was removed Feb. 2.

Mozilla said “AMO performs a malware check on all add-ons uploaded to the site, and blocks add-ons that are detected as such. This scanning tool failed to detect the Trojan in Master Filer. Two additional malware detection tools have been added to the validation chain and all add-ons were rescanned, which revealed the additional Trojan in Version 4.0 of Sothink Web Video Downloader. No other instances of malware have been discovered.”

Blog post here.

Leave a comment