Over 2,000 #Firefox Extensions Vulnerable To Dangerous 'Remote Admin' Malware

Which Web browser do you use? A lot of you are using Internet Explorer, Google Chrome, or even the new Microsoft Edge. There's also a good chance you're using Mozilla Firefox. Even if it's not your everyday, go-to browser, you might occasionally use it for its best features.

It's fast, and for a lot of people, it has the best browser extensions. It's just not all that secure. As it turns out, it also has 2,000 or more security holes that can lead to your Windows PC or Mac being infected with malware. Worse, the malware lets hackers take over your PC or Mac.

We have long recommended to our clients that they NOT use Firefox as a primary browser. We all know Internet Explorer sucks and can be a welcome mat for malware/viruses, so a lot of users would hear about Firefox and think it was a great alternative. It's NOT. Now, to qualify this statement, in general, Firefox ITSELF (Meaning JUST THE BROWSER) is not really the problem. The problem involves those extensions (or add-ons or plug-ins), which let you customize your Internet experience. Many of these look and are incredibly useful: Download tools, Image Capture, Clipboard tools, and more. The problem is this: ANYONE can make an extension for Firefox and put it out there. And millions do. And MANY, MANY of them are actually Malware in disguise, or even worse, packed with advertisements and pop ups. And none of these are policed or filtered by Mozilla (Firefox's Publisher). So unsuspecting users will quite commonly unintentionally install malware on their computers. 

The way the malware gets into Firefox extensions is uncomfortably simple. A hacker creates an extension that looks like it'll be used for a good purpose.

Then it slips right past Mozilla's (very loose) vetting process, according to researchers at Northeastern University. Or, some extensions are created using an old platform. The bogus extension then infects legitimate extensions with the malware. The findings were recently presented at the Black Hat Asia conference.

There's some good news here. Firefox is aware of the problem and will start implementing a fix. "The method described relies on a popular add-on that is vulnerable to be installed, and then for the add-on that takes advantage of that vulnerability to also be installed," a Firefox executive told, Kaspersky Lab. Firefox said it will soon start sandboxing Firefox extensions, meaning the extensions won't be able to share code.

Note: This is an important reminder to have a rock-solid Internet security system installed on all your devices. 

Kaspersky Lab is the largest online security company in the world with 400 million individual users and 270,000 business clients. Its security software took part in 94 security comparison tests in 2015 and won first place an astonishing 60 times.

Get the power of protection on your computer today.  We should also mention that one license of Kaspersky Total Security protects up to five gadgets, including Windows, Mac and Android smartphones and tablets.

** On a side note, Rethink Associates still wholeheartedly recommends Google Chrome and Safari Browsers.