Mozilla withdraws Firefox add-on malware claim

Mozilla has apologised for wrongly stating that an add-on contained a Trojan

Mozilla has admitted that a warning issued by the company last week about security issues with two third-party add-ons for Firefox was overstated.

The firm had said that two experimental add-ons for the browser contained malware, but has now withdrawn this claim about one of the add-ons.

Mozilla explained that it had reconsidered its earlier claim that version 4.0 of Sothink Video Downloader contained malware after working with security firm McAfee to "better understand the threat".

"The suspected Trojan was a false positive, and the extension does not include malware. Our estimate of 6,000 affected downloads has been revised to under 700," said Mozilla in a blog post.

"The Sothink Video Downloader has been re-enabled on Mozilla Add-Ons. We apologise to our users and the developers of Sothink for any inconvenience this has caused."

The other add-on about which Mozilla had warned, the Master Filer extension, did include a Trojan, however.

Graham Cluley, senior technology consultant at Sophos, said that the reputation of the developers of Sothink Video Downloader could have been harmed by an incorrect claim of malware infection.

"I don't think Mozilla was wrong to withdraw the add-on from availability while its status was under question, but I do think they should have double-checked before publicly labelling it 'malware'," he wrote in a blog post.