Mozilla has warned browser extension builders of an energetic phishing marketing campaign focusing on accounts on its official AMO (addons.mozilla.org) repository.
Mozilla’s add-on platform hosts over 60,000 browser extensions and greater than 500,000 themes utilized by tens of thousands and thousands of customers worldwide.
In keeping with Mozilla’s advisory, these phishing emails are impersonating the AMO workforce and declare that the focused developer accounts require updates to keep up entry to improvement options.
“The developer group ought to be conscious we have detected a phishing marketing campaign focusing on AMO (addons.mozilla.org) accounts. Add-on builders ought to train excessive warning and scrutiny when receiving emails claiming to be from Mozilla/AMO,” Mozilla cautioned on Friday.
“Phishing emails usually state some variation of the message’ Your Mozilla Add-ons account requires an replace to proceed accessing developer options.'”
To safe their accounts, builders are suggested to all the time confirm if emails they obtain are despatched from a Mozilla area (firefox.com, mozilla.org, mozilla.com, or their subdomains), that they cross customary e-mail authentication checks (together with SPF, DKIM, and DMARC), and to not click on on hyperlinks embedded in suspicious emails.
Mozilla additionally urged builders to navigate on to its web sites moderately than following e-mail hyperlinks, and solely enter their login credentials on official Mozilla or Firefox domains.
Mozilla phishing e-mail (Juraj)
Whereas Mozilla has but to reveal the size of this phishing marketing campaign, the top aim of the assaults, or whether or not any developer accounts had already been efficiently compromised, no less than one developer claims to have fallen sufferer.
Mozilla mentioned it will present updates if extra particulars about this marketing campaign develop into obtainable.
The warning comes after final month’s announcement that Mozilla’s Add-ons Operations workforce has launched a brand new safety characteristic to assist block malicious Firefox extensions designed to empty cryptocurrency wallets.
Andreas Wagner, the Add-ons Operations Supervisor who oversees the content material safety and overview efforts for addons.mozilla.org (AMO), acknowledged that Mozilla has recognized and eliminated tons of of extensions, together with fraudulent cryptocurrency wallets, over the previous few years.
Whereas not all of those extensions have been instantly linked to malicious actions, cybercriminals stole $494 million value of cryptocurrency final 12 months by means of wallet-draining assaults affecting over 300,000 pockets addresses.
Malware focusing on password shops surged 3X as attackers executed stealthy Excellent Heist situations, infiltrating and exploiting crucial methods.
Uncover the highest 10 MITRE ATT&CK methods behind 93% of assaults and how one can defend in opposition to them.
