I’ve been getting plugged into the world of Firefox, and man, it rocks. I really like it, and I especially like that there’s a huge library of different extensions that can make Firefox just about jump through flaming hoops. As I keep adding more and more, however, I’m starting to worry about whether it’s possible that some of these extensions are actually spyware or viruses. Is that even possible? And if so, how do I avoid being suckered?
Not only is that possible, but there’s a known issue with a Firefox extension called numberlinks. Download and install it and as far as you can tell, it works as it’s supposed to, numbering the different hypertext links on the page so you can browse the Web without a mouse. Meanwhile, however, it’s also sniffing and intercepting passwords and credit card numbers, which are then sent to an external server.
Scary concept, eh?
This particular malicious spyware was first reported by Heise Security. The extension isn’t one you get off the Firefox site, however, but one that arrives as spam identifying itself as “a helpful extension for Firefox”. Install the extension and it loads just like the real numberedlinks extension. But it’s not.
Virus experts McAfee are calling this the first FormSpy because of how it interacts with Web-based forms, but there’s no doubting the malicious nature of this particular spyware.
Find out what extensions you have installed in Firefox by going to Tools –> Extensions, and you’ll see something quite similar to this:
Finally, you can avoid this and the inevitable copycats that’ll show up by only downloading Firefox extensions from known sites, ideally only from Mozdev.org, the official site of the Mozilla team and associated groups that help build and grow Firefox.
And, as always, be careful out there.
Oh, and if you are surfing the web – which you’re obviously doing since you’re here on my site! — then you must have both a solid antivirus solution and anti-spyware solution. I recommend AVG Antivirus for the former and Spy Sweeper for the latter.