SoylentNews is people
SoylentNews
A new breed of malicious Mozilla Firefox and Google Chrome extensions uses techniques to make their removal much more difficult.
Malwarebytes revealed in a blog post how these extensions block user access to the add-on management page of the browser and therefore removal from within the browser.
The Chrome extension Tiempo en colombia en vivo was available on the official Chrome Web Store but was distributed mostly on third-party websites.
The browser extension monitors open tabs while it runs. If the user opens chrome://extensions/, it will redirect the request to chrome://apps/?r=extensions automatically. This is done so that the user cannot remove the extension as it is not listed on the apps page.
The Firefox add-on FF Helper Protection shows similar traits. It monitors open tabs for the string about:addons to close the tab automatically if it is found.
Both extensions have in common that they prevent users from accessing the add-on management interface of the browser.
The article includes detailed instructions on how to remove the malicious Mozilla Firefox and Google Chrome extensions.
(Score: 1) by higuita on Monday January 22 2018, @05:05PM
yes, and when installing, you are asked a list of permissions that the addon can do... that list need to be more friendly, but the user is allowing the add-on to mess with the browser
also, permitting the access to the add-on is probably a bug... it may be a regular internal page, but it should be excluded from the add-on exactly because of this.
In the past, you had no way to block this, but now you/mozilla can change the code and block this without breaking other add-ons