- Mozilla is warning his community of an ongoing attack
- Attackers want access to developer accounts
- The browser accessories crowd with malware could be the work here
Mozilla warns of his community of developers who run the risk of being attacked by new tortuous phishing attacks that urge them to “exercise extreme precaution and scrutiny” upon receiving emails that claim that they come from mozilla or master (accessories.mozilla.org).
“Phishing’s emails usually indicate some variation of the message” your Mozilla Add-Ons account requires an update to continue accessing the developer’s characteristics, “said the company in its description of what the objectives could expect.
The company did not say who the threat actors are, what they seek to achieve or how successful they are, however, given that browser accessories developers are being attacked, it is safe to assume that criminals are looking for a way to compromise products with malware.
Supply chain attacks
The browser accessories are small programs that add additional features or functions to a web browser, and users generally install them to customize or improve their navigation experience.
Some of the most popular supplements include advertisement blockers, spelling and grammar correctors, password administrators, screen capture tools and privacy tools.
By contaminating solutions with malware, cybercriminals can participate in supply chain attacks, obtaining access to bank accounts, social media accounts, cryptocurrency tokens and NFT, passwords, session cookies and more.
It is also a common attack vector. Less than a month ago, it was reported that many Chrome and Edge accessories, including several prominent products, found themselves spying on users and communicating with a third -party server.
At that time, Koi Security Security researchers reported that an apparently benign chrome complement called “Picker color, Eyedropper-Geco Colorpick”, which allows users to quickly identify and copy color codes from any point inside their browser, was secretly a malware.
While working as announced, and with thousands of downloads and positive reviews, the complement also did something in the background: he kidnapped the activity of the browser, tracked the users of the websites and communicated with a remote infrastructure C2.
This discovery led them along a path that discovered a complete network of accessories, all doing similar things.
Through The registration
