- Mozilla warns his dev — Society of a running attack
- The attackers want access to DEVS ‘accounts
- Painting browser -adds with malware could be played here
Mozilla warns his developer community, they risk being targeted by dishonest new phishing attacks that encourage them to “exercise extreme caution and control” when receiving E emails that claim to have come from either Mozilla or AMO (addons.mozilla.org).
“Phishing emails typically indicate a certain variation of the message” Your Mozilla Access Account requires an update to continue accessing developer functions, “the company said in its description of what the goals might expect.
The company did not say who the threat actors are, what they want to achieve or how successful they are – but given the browser development developers are targeted, it is safe to assume that Miscreants is looking for a way to compromise the products with malware.
Supply Chain Attacks
Browser supplies are small programs that add extra features or features to a web browser, and users usually install them to customize or improve their browsing experience.
Some of the most popular additions include ad blockers, spelling and grammar control, password managers, screen tools and VPNs or privacy tools.
By messing up the solution with malware, cyber criminals can engage in supply chain attacks, access people’s bank accounts, social media accounts, cryptocurrency and NFTs, passwords, session cookies and more.
It is also a regular attack vector. Less than a month ago, it was reported that many chromium and edge dons, including several prominent products, were found espionage on users and communicated with a third-party server.
At that time, Koi Security security researchers reported that a seemingly benign chromium add-up called “Color Picker, Eyedropper-Geo Colorpick”, which allows users to quickly identify and copy color codes from any point in their browser was secretly a malware.
While working as advertised and had thousands of downloads and positive reviews, the addition also did something in the background – it hijacked browser activity, track that sites, users were visiting, and communicating with external C2 infrastructure.
This discovery led them down a path that revealed an entire web of additions, everyone did similar things.
Via Registered
