Industry guru Dave Taylor offers tech support on technical and business topics, including iPhone, iPod, Microsoft Windows, Sony PSP, cellphones, online advertising, CSS, Web design, business, Unix, Linux, SEO, Mac OS X, and shell script programming.     


Can a Firefox extension be spyware?

I've been getting plugged into the world of Firefox, and man, it rocks. I really like it, and I especially like that there's a huge library of different extensions that can make Firefox just about jump through flaming hoops. As I keep adding more and more, however, I'm starting to worry about whether it's possible that some of these extensions are actually spyware or viruses. Is that even possible? And if so, how do I avoid being suckered?

Dave's Answer:

Not only is that possible, but there's a known issue with a Firefox extension called numberlinks. Download and install it and as far as you can tell, it works as it's supposed to, numbering the different hypertext links on the page so you can browse the Web without a mouse. Meanwhile, however, it's also sniffing and intercepting passwords and credit card numbers, which are then sent to an external server.

Scary concept, eh?

This particular malicious spyware was first reported by Heise Security. The extension isn't one you get off the Firefox site, however, but one that arrives as spam identifying itself as "a helpful extension for Firefox". Install the extension and it loads just like the real numberedlinks extension. But it's not.

Virus experts McAfee are calling this the first FormSpy because of how it interacts with Web-based forms, but there's no doubting the malicious nature of this particular spyware.

Find out what extensions you have installed in Firefox by going to Tools --> Extensions, and you'll see something quite similar to this:

Firefox Extensions List

Finally, you can avoid this and the inevitable copycats that'll show up by only downloading Firefox extensions from known sites, ideally only from Mozdev.org, the official site of the Mozilla team and associated groups that help build and grow Firefox.

And, as always, be careful out there.

Oh, and if you are surfing the web - which you're obviously doing since you're here on my site! -- then you must have both a solid antivirus solution and anti-spyware solution. I recommend AVG Antivirus for the former and Spy Sweeper for the latter.

More Useful Computer and Internet Basics Articles:
✔   How do I blur my house on Google Maps Street View?
I was poking around on Google Maps looking at satellite views of my neighborhood and when I switched to street view, was upset...
✔   Create a custom vanity URL for Kickstarter?
I was reading some updates on Twitter and saw someone had posted a URL that would let me see what projects they'd backed...
✔   Export or Save Subscription List from Google Reader?
Just heard that Google Reader is going away this summer. That stinks! How am I supposed to read my RSS feeds? More importantly,...
✔   Shrink or Reduce a Photo File Size on Mac?
I'm trying to upload some photos to a social media site and it's complaining that they're too big. They are, as they come...
✔   Can I organize my Yahoo Mail with folders?
I've been on Yahoo Mail for years and while most of my friends are now on Gmail or their own Web-based email programs,...
Let's stay in touch!
Sign up for my weekly AskDaveTaylor Newsletter and you'll receive even more tech and gadget help right to your inbox, along with exclusive news and industry updates. It's good stuff. I promise!
    Enter your name: and your email addr:  




Categorized: Computer and Internet Basics   (Article 6713, Written by )
Tagged: firefox, firefox extensions, formspy, spyware, viruses
Previous: Why does eBay buy foreign auction sites instead of building its own?
Next: Should I have one centralized site, or lots of local sites?




Reader Comments To Date: 2

Matthew Poer said, on August 19, 2006 3:43 PM:

I've seen the infamous "MyWebSearch" on Firefox, once, on a client's Windows PC. It was scary! http://ichyware.net/nerdherd/firefox_with_myWebsearch/index.htm

John said, on September 29, 2007 6:07 PM:

I noticed that the numbered links plugin is actually listed as a download from mozdev.org (under usability)

I'm presuming that means either a) mozdev.org is not actually screening what it uploads or b) the spyware version you're talking about is actually just a copied version of the real (harmless) plugin, which has been turned into spyware and is being marketed through less guarded channels.

Either way, I'm not taking the risk.

Starbucks coffee cup I do have a lot to say, and questions of my own for that matter, but first I'd like to say thank you, Dave, for all your helpful information by buying you a cup of coffee!

I do have a comment, now that you mention it!











I will never send you any unsolicited email. Ever.






Check This Out Too...

 
Recent Entries
Look for Answers
Recommended
Need Help? Ask Dave Taylor!
All Our Categories


Follow Me on Pinterest

Find Me on Google+
ADT on G+
© 2002 - 2013 by Dave Taylor. All Rights Reserved.

Note: This web site is for the purpose of disseminating information for educational purposes, free of charge, for the benefit of all visitors. We take great care to provide quality information. However, we do not guarantee, and accept no legal liability whatsoever arising from or connected to, the accuracy, reliability, currency or completeness of any material contained on this web site or on any linked site. Further, please note that by submitting a question or comment you're agreeing to my terms of service, which are: you relinquish any subsequent rights of ownership to your material by submitting it on this site. My lawyer says "Thanks".
"Ask Dave Taylor®" is a registered trademark of Intuitive Systems, LLC.