7 comments

[ 2.1 ms ] story [ 42.7 ms ] thread
Recently, there have been a small number of AUR packages claiming to be browsers with RATs included.

Wonder if the activity is related.

Firefox is down bad right now. I have used it steadily for 20 something years now, and the cracks are really apparent now. It's also likely that Google will be forced to stop giving Mozilla money for Firefox, leaving little hope for continued development.

This might actually be the end of FF.

Partially off topic, but youtube ads for me are currently 70% out and out scams - deepfaked tv personalities telling you about some government scheme where every person gets £20,000 cash.

Even the closed ecosystems are infected.

This headline has been editorialized, contrary to HN guidelines, and it's also inaccurate. The actual headline of the story is "Mozilla flags phishing wave aimed at hijacking trusted Firefox add-ons".

The story is about a phishing campaign directed at extension developers, not about the extension "store" (which is not really a store and doesn't sell anything), being "flooded" with malware.

(comment deleted)
(comment deleted)
With browser extensions becoming new attack vectors, we need some reliable way to determine if they're running suspicious or malicious code in them before they're able to deploy. It seems like not even Google can properly vet their extension before they're added to the extensions store.

The only way I've found to try and detect these as an end user is by using an extension called Under New Management [1], which attempts to alert you if a browser extension has changed ownership, at which point you can pretty much assume they've been compromised.

Other than that, I know of no way to attempt to detect these malicious and problematic extensions. If anyone has any suggestions, please share them.

[1] https://github.com/classvsoftware/under-new-management