On the official website of Firefox extensions, Mozilla has posted two additional modules of the infected Trojans.
Potentially, a total of at least 4600 Windows users who installed Firefox extensions Sothink Web Video Downloader (Version 4.0) and Master Filer (All versions) are affected by a Trojan. The problem is that Mozilla extensions that contain malicious code was hosted on his official website Mozilla Add-ons (AMO). So there was a failure in the validation process.
According to the encyclopedia of malware Microsoft detected in Sothink Web Video Downloader, Win32.LdPinch.gen is part of the family of trojans that steal passwords. Win32.Bifrose for its part is a Trojan backdoor that allows a remote attacker to access a computer.
These Trojans hidden in extensions, run when you start Firefox for infection of the host computer. If necessary, the only uninstalling the extension is not enough, and disinfection of the computer must also pass an updated antivirus solution.
Master Filer has been removed from AMO on January 25, and version 4.0 Sothink Web Video Downloader earlier this week, Tuesday, February 2. AMO precise an analysis of all malware extensions available online, and to indicate:
"The analysis tool has failed in detecting the trojan in Master Filer. Two additional tools to detect malware have been added to the chain of validation and all add-ons were further analyzed, which revealed the presence of Trojan in version 4.0 Sothink Web Video Downloader."
It is noted that these experimental extensions were cataloged, and therefore have not been tested from the editorial team. For such extensions, the user must specify by ticking a box, he wants to make an installation. However, preliminary analysis malware has held.