Another wave of spam add-ons hits Mozilla Firefox AMO
When you list available extensions for the Firefox browser based on recency right now on Mozilla AMO, the official Mozilla Add-ons repository store, you will stumble upon a list of extensions that promise free 4K streams of popular movies such as Ready Player One, Black Panther, Avengers Infinity War, or Pacific Rim Uprising.
The Firefox extensions appear to have been uploaded by different accounts that have been created today. The title and description is nearly identical, and the only part that changes is the title of the movie the the extension promises to deliver to the user system for free in 4K.
I downloaded several of the extensions and discovered two puzzling things: extensions use a file name that is entirely different to the extension's title on AMO. The Ready Player One extension's file name was fairway_solitaire_blast-20.0-an+fx.xpi for instance.
I have two potential explanations for that: the spammers use this to test the defenses of AMO, or they plan to release updates for the extensions that include the actual code. Whether that code will then redirect users to a streaming site or attempts to spam or infect devices is unclear at this point in time.
What is clear, however, is that Firefox users will face more of this in the future. Mozilla switched the review process of extensions from manually reviewing all add-ons for Firefox before publication on Mozilla AMO to a semi-automated system recently that accepts any extension that passes automatic security checks.
While add-ons do get reviewed manually by Mozilla employees and volunteers later on, they are listed on AMO in the meantime.
Another batch of spam extensions hit Mozilla AMO in December 2017. The situation was worse in December as spammers uploaded dozens of extensions to AMO so that the first two pages of recent add-ons were filled almost entirely with spam add-ons. The extensions back then promised free TV show streams.
Mozilla faces the same problematic situation that Google faced from the very beginning; automation may have its advantages, namely faster publication of add-ons and that it is cheaper, but that comes at the cost of allowing spam or even malicious extensions into the store for a period.
Now You: What's your take on the development?