According to Mozilla, the add-ons were banned and removed from the portal Mozilla Add-on (AMO), so that they cannot be installed. They were also disabled from the browsers of users who already have them installed, so that they cannot use them.
129 of the 197 additives banned, were created by the company 2Ring, a B2B software sales company. The ban was imposed because the additives downloaded and executed code from a remote server.
According to Mozilla regulations, add-ons must contain their own code and must not download code from remote sites.
For the same reason, six other additives, developed by Tamo Junto Caixa and three that were considered fake premium products.
In addition to downloading and executing code, the researchers noticed that some additional were illegally collecting user data
. Αυτά τα πρόσθετα ήταν τα εξής: WeatherPool και Social, Pdfviewer – tools, RoliTrade, Rolimons Plus και ένα άλλο ανώνυμο πρόσθετο.Finally, additives were banned that displayed malicious behaviour. Mozilla researchers have banned 30 such add-ons.
Mozilla only reported the IDs of the add-ons, not their names. The developers they will have to remove the malicious behaviour if they want to be allowed to circulate again.
Some of the most well-known additives that were banned:
Like4Like.org: Mozilla researchers have discovered that the plugin collects the credentials users and tokens from social media websites and transfers them to another site.
FromDocToPDF: Loads content remotely in the new Firefox tab.
Fake Youtube Downloader: Attempts to install malicious Software in the users' browser.
EasySearch for Firefox, EasyZipTab, FlixTab, ConvertToPDF and FlixTab Search: Monitor and collect information related to searches users.
Finally, Mozilla's security staff banned several add-ons that used "obfuscated code", a technique that makes reading code more difficult. The goal is usually to hide malicious behavior.