From Newsgroup: alt.comp.software.firefox


It is time to think hard before installing any extensions!

<https://youtube.com/shorts/SQJGsA2Q6gE?si=GbKxsLBxHshS2MBV>

--- Synchronet 3.21b-Linux NewsLink 1.2

From Newsgroup: alt.comp.software.firefox

Hacker News wrote:

It is time to think hard before installing any extensions!

<https://youtube.com/shorts/SQJGsA2Q6gE?si=GbKxsLBxHshS2MBV>

Did the add-ons in question have the warning flag "This add-on is not
actively monitored for security by Mozilla. Make sure you trust it
before installing."

--- Synchronet 3.21b-Linux NewsLink 1.2

From Newsgroup: alt.comp.software.firefox

Andy Burns <usenet@andyburns.uk> Wrote in message:

Hacker News wrote:

It is time to think hard before installing any extensions!

<https://youtube.com/shorts/SQJGsA2Q6gE?si=GbKxsLBxHshS2MBV>

<https://www.malwarebytes.com/blog/news/2026/01/firefox-joins-chrome-and-edge-as-sleeper-extensions-spy-on-users>

Did the add-ons in question have the warning flag "This add-on is not actively monitored for security by Mozilla. Make sure you trust it
before installing."

How many addons don't say that? I assume only their recommended
ones, but I don't know.
--
Remove numerics from my email address.
--- Synchronet 3.21b-Linux NewsLink 1.2

From Newsgroup: alt.comp.software.firefox

On 1/27/2026 6:32 AM, Hacker News wrote:

It is time to think hard before installing any extensions!

<https://youtube.com/shorts/SQJGsA2Q6gE?si=GbKxsLBxHshS2MBV>

Why is it a video? Is there just a plain simple list of 17 names: :)
--
@~@ Simplicity is Beauty! Remain silent! Drink, Blink, Stretch!
/ v \ May the Force and farces be with you! Live long and prosper!!
/( _ )\ https://sites.google.com/site/changmw/
^ ^ https://github.com/changmw/changmw
--- Synchronet 3.21b-Linux NewsLink 1.2

From Newsgroup: alt.comp.software.firefox

On 27/01/2026 09:59, Mr. Man-wai Chang wrote:

On 1/27/2026 6:32 AM, Hacker News wrote:

It is time to think hard before installing any extensions!

<https://youtube.com/shorts/SQJGsA2Q6gE?si=GbKxsLBxHshS2MBV>

Why is it a video? Is there just a plain simple list of 17 names: :)

Dave posted a link and it gives these Add-Ons/Extensions <https://www.malwarebytes.com/blog/news/2026/01/firefox-joins-chrome-and-edge-as-sleeper-extensions-spy-on-users>:


AdBlocker
Ads Block Ultimate
Amazon Price History
Color Enhancer
Convert Everything
Cool Cursor
Floating Player rCo PiP Mode
Full Page Screenshot
Google Translate in Right Click
Instagram Downloader
One Key Translate
Page Screenshot Clipper
RSS Feed
Save Image to Pinterest on Right Click
Translate Selected Text with Google
Translate Selected Text with Right Click
Youtube Download


--- Synchronet 3.21b-Linux NewsLink 1.2

From Newsgroup: alt.comp.software.firefox

On 27/01/2026 09:59, Mr. Man-wai Chang wrote:

On 1/27/2026 6:32 AM, Hacker News wrote:

It is time to think hard before installing any extensions!

<https://youtube.com/shorts/SQJGsA2Q6gE?si=GbKxsLBxHshS2MBV>

Why is it a video? Is there just a plain simple list of 17 names: :)

Why would you want to use something which you can scan in a few seconds
when you can watch a video taking ten times that? ;-)

Actually, Fx wouldn't play that YT short until I'd disabled uBlock
Origin. However, even when that was re-enabled it continued playing even
on reloading the page. Just more YT nonsense, I guess.
--
Jeff
--- Synchronet 3.21b-Linux NewsLink 1.2

From Newsgroup: alt.comp.software.firefox

Dave Royal <dave@dave123royal.com> Wrote in message:

Andy Burns <usenet@andyburns.uk> Wrote in message:

Hacker News wrote:

It is time to think hard before installing any extensions!

<https://youtube.com/shorts/SQJGsA2Q6gE?si=GbKxsLBxHshS2MBV>

<https://www.malwarebytes.com/blog/news/2026/01/firefox-joins-chrome-and-edge-as-sleeper-extensions-spy-on-users>

Did the add-ons in question have the warning flag "This add-on is not
actively monitored for security by Mozilla. Make sure you trust it
before installing."

How many addons don't say that? I assume only their recommended
ones, but I don't know.

Wladimir Panant has reported many compromised addons. Chrome is
worse than Firefox but both are affected.

<https://palant.info/>
--
Remove numerics from my email address.
--- Synchronet 3.21b-Linux NewsLink 1.2

From Newsgroup: alt.comp.software.firefox

On 1/27/2026 6:23 PM, Jeff Layman wrote:

Why would you want to use something which you can scan in a few seconds
when you can watch a video taking ten times that? ;-)

Maybe the creator of that video doesn't know how to type nor write.
Maybe he/she love his/her voice! :)
--
@~@ Simplicity is Beauty! Remain silent! Drink, Blink, Stretch!
/ v \ May the Force and farces be with you! Live long and prosper!!
/( _ )\ https://sites.google.com/site/changmw/
^ ^ https://github.com/changmw/changmw
--- Synchronet 3.21b-Linux NewsLink 1.2

From Newsgroup: alt.comp.software.firefox

Jeff Layman <Jeff@invalid.invalid> Wrote in message:

On 27/01/2026 09:59, Mr. Man-wai Chang wrote:

On 1/27/2026 6:32 AM, Hacker News wrote:

It is time to think hard before installing any extensions!

<https://youtube.com/shorts/SQJGsA2Q6gE?si=GbKxsLBxHshS2MBV>

Why is it a video? Is there just a plain simple list of 17 names: :)

Why would you want to use something which you can scan in a few seconds
when you can watch a video taking ten times that? ;-)

Actually, Fx wouldn't play that YT short until I'd disabled uBlock
Origin. However, even when that was re-enabled it continued playing even
on reloading the page. Just more YT nonsense, I guess.

Normally, I'd never bother to follow a link to YT. But as an
(occasional) addon writer I did. On this tablet it plays in the
app. I didn't get an advert either, which often caused me to
abandon.

I wrote an addon - it had about 20 users - which was live for
about 5 years before being reviewed and rejected. I had to
rewrite part of it. After that I marked any new addon as
'experimental' which came with an extra warning and (I think)
stops anybody finding it on AMO.
--
Remove numerics from my email address.
--- Synchronet 3.21b-Linux NewsLink 1.2

From Newsgroup: alt.comp.software.firefox

Hacker News wrote:

It is time to think hard before installing any extensions!

<https://youtube.com/shorts/SQJGsA2Q6gE?si=GbKxsLBxHshS2MBV>

In December 2025, security researchers at Koi Security discovered a
campaign dubbed GhostPoster involving 17 malicious Firefox extensions.
These extensions were designed to steal data, track browsing activity,
and inject ads by hiding malicious JavaScript code within the PNG image
files of the extension icons.

The malicious extensions were removed by Mozilla, but had already
amassed over 50,000 installations.

_List of Compromised Firefox Extensions_

The 17 identified extensions, often disguised as tools for VPN,
translation, or browser utilities, include:

free-vpn-forever
screenshot-saved-easy
weather-best-forecast
crxmouse-gesture
cache-fast-site-loader
freemp3downloader
google-translate-right-clicks
google-traductor-esp
world-wide-vpn
dark-reader-for-ff
translator-gbbd
i-like-weather
google-translate-pro-extension
*#+u!i-t++*>a (Google Translate in Chinese)
libretv-watch-free-videos
ad-stop
right-click-google-translate

*How the Attack Worked*

Steganography: The malicious code was embedded in the extension's logo
(PNG image), allowing it to bypass initial security checks.

Behavior: Once installed, the extensions waited up to 48 hours before activating to evade detection.

Impact: The malware monitored browsing history, hijacked affiliate
links, stripped security headers, and injected fraudulent ads.

*Recommended Actions*

If you have installed any of these extensions, you should:


Remove them immediately: Uninstall the listed extensions from your
Firefox browser.

Scan for Malware: Run a full system scan with reputable security software.

Review Activity: Change passwords for important accounts (banking,
email, social media) if you used them while these extensions were active.
--
John C. I filter crossposts, various trolls & dizum.com. Doing this
makes this newsgroup easier to read & more on-topic. Take back the tech companies from India & industry from China.

--- Synchronet 3.21b-Linux NewsLink 1.2

From Newsgroup: alt.comp.software.firefox

On 2/2/2026 1:53 AM, The Real Bev wrote:

I'm amazed at what people seem to want to see videos for rather than
text. Videos are really good (sometimes, anyway) for things like "how
to replace your phone battery" and "how to purl in German" and (of
course) clever cat antics, but not for anything involving actual WORDS.

And voices and pictures (combined as frames to form video) takes a lot
of storage, compared to text. And don't forget about time taken to
create them and then to comprehend them.

You can argue that text is also images. :)
--
@~@ Simplicity is Beauty! Remain silent! Drink, Blink, Stretch!
/ v \ May the Force and farces be with you! Live long and prosper!!
/( _ )\ https://sites.google.com/site/changmw/
^ ^ https://github.com/changmw/changmw
--- Synchronet 3.21b-Linux NewsLink 1.2

From Newsgroup: alt.comp.software.firefox

On 2/2/2026 9:57 PM, John C. wrote:

The 17 identified extensions, often disguised as tools for VPN,
translation, or browser utilities, include:

free-vpn-forever
screenshot-saved-easy
weather-best-forecast
crxmouse-gesture
cache-fast-site-loader
freemp3downloader
google-translate-right-clicks
google-traductor-esp
world-wide-vpn
dark-reader-for-ff
translator-gbbd
i-like-weather
google-translate-pro-extension
*#+u!i-t++*>a (Google Translate in Chinese)
libretv-watch-free-videos
ad-stop
right-click-google-translate

Thanks!! I have never ever used them.
--
@~@ Simplicity is Beauty! Remain silent! Drink, Blink, Stretch!
/ v \ May the Force and farces be with you! Live long and prosper!!
/( _ )\ https://sites.google.com/site/changmw/
^ ^ https://github.com/changmw/changmw
--- Synchronet 3.21b-Linux NewsLink 1.2

From Newsgroup: alt.comp.software.firefox

On 1/27/26 03:52, Mr. Man-wai Chang wrote:

On 1/27/2026 6:23 PM, Jeff Layman wrote:

Why would you want to use something which you can scan in a few seconds
when you can watch a video taking ten times that? ;-)

Maybe the creator of that video doesn't know how to type nor write.
Maybe he/she love his/her voice! :)

I'm amazed at what people seem to want to see videos for rather than
text. Videos are really good (sometimes, anyway) for things like "how
to replace your phone battery" and "how to purl in German" and (of
course) clever cat antics, but not for anything involving actual WORDS.
--
Cheers, Bev
"This software is as user-friendly as a cornered rat!"
--- Synchronet 3.21b-Linux NewsLink 1.2

From Newsgroup: alt.comp.software.firefox

Hacker News graced us with on 1/26/2026 2:32 PM:

It is time to think hard before installing any extensions!

<https://youtube.com/shorts/SQJGsA2Q6gE?si=GbKxsLBxHshS2MBV>

Hmm, it would be nice if Fx folks would notify users on startup when
installed extensions that have legitimately reported malware or privacy
issues.
--
Sailfish
CDC Covid19 Trends: https://www.facebook.com/groups/624208354841034
Rare Mozilla Stuff: http://tinyurl.com/z86x3sg
--- Synchronet 3.21b-Linux NewsLink 1.2

From Newsgroup: alt.comp.software.firefox

On Wed, 18 Feb 2026 16:01:25 -0800, Sailfish <NIXCAPSsailfish@NIXCAPSunforgettable.com> wrote:

Hacker News graced us with on 1/26/2026 2:32 PM:

It is time to think hard before installing any extensions!

<https://youtube.com/shorts/SQJGsA2Q6gE?si=GbKxsLBxHshS2MBV>

Hmm, it would be nice if Fx folks would notify users on startup when >installed extensions that have legitimately reported malware or privacy >issues.

I haven't checked/tried all 17 from the list John C. provided, instead
of watching that YT tik-tok-toy posting. But the few I have DO NOT
appear as approved/recommended when asking my current Ffox 147.0.4 for
hints about Add-Ons/extensions.
"dark-reader-for-ff" for example...
In other words, downloader/installer beware.
--- Synchronet 3.21b-Linux NewsLink 1.2