Mozilla launches new system to detect Firefox crypto drainer add-ons

[harlan4096]

Mozilla has developed a new security feature for its add-on portal that helps block Firefox malicious extensions that drain cryptocurrency wallets.

According to a recent blog post, Mozilla's new security system creates risk profiles for each submitted wallet extension and triggers automated risk alerts if a pre-defined threshold is exceeded.

These alerts will prompt human reviewers to take a closer look and remove malicious extensions from the store before they're used to drain more victims' crypto wallets.

"To help protect Firefox users, the Add-ons Operations team developed an early detection system designed to identify and stop crypto scam extensions before they find traction with unsuspecting users," Mozilla said.

"The first layer of defense involves automated indicators that determine a risk profile for wallet extensions submitted to AMO. If a wallet extension reaches a certain risk threshold, human reviewers are alerted to take a deeper look. If found to be malicious, the scam extensions are blocked immediately."

Crypto wallet drainers that steal cryptocurrency or other digital assets from a victim's wallets are now being delivered to potential victims' systems via malicious browser extensions designed to masquerade as legitimate add-ons from trusted crypto wallets.

This attack vector ensures that threat actors can quickly empty their targets' crypto wallets after stealing their private keys and credentials, making the lost funds likely impossible to recover.

While not all are directly tied to malicious extensions, cybercriminals stole $494 million worth of cryptocurrency last year in wallet-draining attacks from more than 300,000 wallet addresses.

Continue Reading...