Particle.news

Download on the App Store

Mozilla Warns Firefox Add-on Developers of Active Phishing Campaign

The warning follows reports of at least one developer falling victim to messages impersonating Mozilla’s AMO team.

Image
Image
Image
Image

Overview

  • Mozilla has confirmed a phishing campaign impersonating AMO staff to harvest credentials from Firefox add-on developers.
  • Phishing messages assert that developer accounts require updates to maintain access to features and contain links that lead to credential-harvesting pages.
  • At least one developer reports falling victim to the scheme, though the overall scale and success rate of the campaign remain under investigation.
  • Mozilla advises developers to verify sender domains, confirm emails pass SPF, DKIM and DMARC authentication checks, and access addons.mozilla.org only through its official URLs.
  • Security teams have already removed more than 40 malicious crypto-wallet–stealing extensions since April and are enhancing platform defenses against supply-chain threats.