All the latest UK technology news, reviews and analysis

Mozilla blocks password thieving add-on

by Khidr Suleman

15 Jul 2010

Be the first to comment

  • Tweet this

Mozilla has disabled a malicious password stealing add-on known as Mozilla Sniffer, which was uploaded on 6 June and downloaded by 1,800 users.

The add-on contained code that intercepted login data submitted to any web site, and sent this data to a remote location.

Mozilla discovered the bug on 12 July, and added it to its block list prompting the add-on to be uninstalled.

"All current users should receive an uninstall notification within a day or so. The site this add-on sends data to seems to be down at the moment, so it is unknown if data is still being collected," Mozilla said in a blog post.

Mozilla Sniffer was not developed or reviewed by Mozilla. It was in an experimental state, and all users that installed it should have seen a warning indicating it is was not reviewed, Mozilla said.

A security flaw was also discovered in version 3.0.1 of the CoolPreviews add-on.

The vulnerability is triggered using a specially crafted hyperlink. If the user hovers the cursor over this link, the attacking script is given control over the host computer.

So far 177,000 users have a vulnerable version installed. This is less than 25 per cent of the install base and it will continue to decrease as more users are prompted to update to a new version, Mozilla noted.

Do you agree?

Add your comment
 

Add your comment

We won't publish your address
By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.
Submit your comment

Latest stories from Security

Symantec logo

Symantec denies offer to pay Anonymous hush money

Related white papers

Related articles

Related jobs

Today's top stories

London 2012 Olympic Games logo

Government warns internet could be capped during Olympics

An EMC logo

EMC brings Project Lightning to market as VF Cache

Apple iBooks 2

Apple iBooks 2 hands on review

Poll

IT priorities for 2012

What is the most important IT priority for your company this year?

97%

1%

1%

0%

1%

Features

V3's Rosalie Marshall

World indulges in a Facebook facts fest as firm prepares to float

facebook-new

Top five most interesting figures from Facebook’s IPO

Khidr headshot

Intel will prove Steve Jobs wrong in the mobile market

V3's Dan Robinson

RIM needs to decide where its market lies

More features

Connect with V3.co.uk

Sign up to our daily or weekly newsletters

Case studies and reports

Accurev

Top 5 software development challenges

This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes

Talend

Rubbish in, rubbish enterprise

Why good data management at all levels is essential in the modern business (video, 6mins)

Technology jobs

Business Analyst

Contract length: 6 months + Start date: ASAP. Location...

Senior Marketing Executive - Food and Drink industry - London

Senior Marketing Executive - Food and Drink industry...

BI Solutions Architect, Teradata - 3 Months, to £350pd, London

BI Solutions Architect - 3 Months, to £350pd, London...

Junior Drupal Developer - Drupal - Chesterfield - To £22k

Junior Drupal Developer - Drupal - Chesterfield - To...

To send to more than one email address, simply separate each address with a comma.