Mozilla has issued a warning regarding a phishing campaign aimed at developers of Firefox add-ons. Developers are urged to closely examine emails that are potentially impersonating Mozilla or addons.mozilla.org. The campaign typically tricks developers into clicking malicious links under the pretense of updating their accounts, threatening loss of access to developer features otherwise. Although the company's motivations behind the attacks remain unspecified, the potential for using hacked accounts to distribute malicious extensions targeting crypto users is evident. Research highlights about 40 malicious add-ons designed to steal cryptocurrency wallet credentials, often masquerading as trusted tools.
Mozilla warned developers about a phishing campaign targeting Firefox add-on creators, urging extreme caution when reviewing emails that appear to be from Mozilla or AMO.
The phishing attacks aim to trick developers into clicking malicious links for account updates and threaten loss of access to developer features if ignored.
Independent researcher Lukasz Olejnik noted a plethora of new extensions designed to steal seed phrases from crypto wallets, making it a constant cat-and-mouse game.
Research from Koi Security revealed over 40 malicious Firefox add-ons, posing as legitimate tools from trusted brands, are part of this criminal campaign.
Collection
[
|
...
]