Threat actors have been looking to compromise Mozilla Firefox developers as part of an active phishing campaign, The Register reports.
Malicious emails masquerading as account update prompts have been sent by attackers purporting to be Mozilla or AMO in a bid to deceive Firefox developers into clicking a nefarious link that enables unauthorized access to trusted accounts, according to Mozilla. While additional details regarding the extent and success of the phishing scheme have not been provided by Mozilla, independent cybersecurity and privacy researcher Lukasz Olejnik noted the potential use of breached developer accounts to push more credential-stealing add-ons aimed at cryptocurrency users. Over 40 illicit Firefox add-ons spoofing crypto wallets were reported by Koi Security to have been leveraged to pilfer crypto wallet credentials. "At this point, it's safest to assume that most crypto-related Firefox extensions contain malware. Especially those that are new, or have few users. In fact, every such extension should be considered compromised by default and avoided completely," said Olejnik.
Malicious emails masquerading as account update prompts have been sent by attackers purporting to be Mozilla or AMO in a bid to deceive Firefox developers into clicking a nefarious link that enables unauthorized access to trusted accounts, according to Mozilla. While additional details regarding the extent and success of the phishing scheme have not been provided by Mozilla, independent cybersecurity and privacy researcher Lukasz Olejnik noted the potential use of breached developer accounts to push more credential-stealing add-ons aimed at cryptocurrency users. Over 40 illicit Firefox add-ons spoofing crypto wallets were reported by Koi Security to have been leveraged to pilfer crypto wallet credentials. "At this point, it's safest to assume that most crypto-related Firefox extensions contain malware. Especially those that are new, or have few users. In fact, every such extension should be considered compromised by default and avoided completely," said Olejnik.
