Firefox add-ons exploited by hackers

Hackers can drop malicious code into systems running Mozilla’s Firefox when the browser is armed with any of several high-profile add-ons, including Google Toolbar and Yahoo Toolbar, a researcher revealed today. Mozilla has acknowledged the risk posed by some extensions.

Christopher Soghoian, a Ph.D. student at Indiana University, outlined how “man-in-the-middle” attackers, especially on public wireless networks, could disguise malware as a Firefox extension and surreptitiously plant their code in place of a normal update to one of the vulnerable extensions.

The bulk of Firefox extensions — small plug-ins that add features or functionality, and are almost universally created by volunteer developers or hobbyists — are hosted and updated from Mozilla’s own SSL-secured site, and are not vulnerable to this attack, Soghoian said. A number of broadly used third-party extensions, however, update from their own unsecured servers.
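A defender can tell which installed extensions belong to the second group by reading each extension's manifest. The following is an added example, not code from the original report or from Mozilla; it assumes the legacy `install.rdf` manifest format and its `em:updateURL` property, and the sample manifests, IDs and URLs are constructed.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

EM = "{http://www.mozilla.org/2004/em-rdf#}"  # install.rdf "em" namespace
HEAD = ('<RDF xmlns="http://www.w3.org/1999/02/22-rdf-syntax-ns#" '
        'xmlns:em="http://www.mozilla.org/2004/em-rdf#">')

# Constructed manifests for illustration; IDs and URLs are not real extensions.
SAMPLES = {
    "no-custom-server": HEAD + """
      <Description about="urn:mozilla:install-manifest">
        <em:id>a@example.invalid</em:id>
      </Description></RDF>""",
    "plain-http-element": HEAD + """
      <Description about="urn:mozilla:install-manifest">
        <em:id>b@example.invalid</em:id>
        <em:updateURL>http://updates.example.invalid/b.rdf</em:updateURL>
      </Description></RDF>""",
    "plain-http-attribute": HEAD + """
      <Description about="urn:mozilla:install-manifest"
                   em:id="c@example.invalid"
                   em:updateURL="HTTP://updates.example.invalid/c.rdf"/></RDF>""",
    "https-server": HEAD + """
      <Description about="urn:mozilla:install-manifest">
        <em:updateURL>https://updates.example.invalid/d.rdf</em:updateURL>
      </Description></RDF>""",
}

def update_url(manifest_xml):
    """Return the custom update URL from an install.rdf string, or None."""
    for node in ET.fromstring(manifest_xml).iter():
        # RDF allows the property as a child element or as an attribute.
        if node.tag == EM + "updateURL" and node.text:
            return node.text.strip()
        if node.get(EM + "updateURL"):
            return node.get(EM + "updateURL").strip()
    return None

def classify(manifest_xml):
    url = update_url(manifest_xml)
    if url is None:
        return "default"   # no custom server named in the manifest
    # urlparse lowercases the scheme, so "HTTP://" is still caught.
    return "https" if urlparse(url).scheme == "https" else "insecure"

def audit(manifests):
    return {name: classify(xml) for name, xml in manifests.items()}

if __name__ == "__main__":
    for name, verdict in audit(SAMPLES).items():
        print(f"{verdict:9} {name}")
```

Manifests reported as `insecure` name an update server reached without SSL, which is the condition the man-in-the-middle scenario above depends on.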

Read the original report →
