Mozilla admits malware false alarm
By Stuart Turton
Posted on 11 Feb 2010 at 11:04
Mozilla has admitted that one of the Firefox add-ons it accused of containing malware was actually innocent.
Last week, Mozilla announced that Sothink Web Video Downloader 4.0 and the Master Filer add-ons were loaded with the Bifrose Trojan, which is designed to hijack PCs.
The incident was particularly embarrassing for Mozilla, as its scanning tool failed to detect the two-year-old Trojan during the upload process. However, the foundation has now retracted the claim against Sothink Web Video Downloader 4.0, admitting that it was wrong about the add-on.
"We’ve worked with security experts and add-on developers to determine that the suspected trojan in Version 4.0 of Sothink Video Downloader was a false positive and the extension does not include malware," the foundation says on its blog.
"The Sothink Video Downloader has been re-enabled. We apologise to our users and the developers of Sothink for any inconvenience this has caused," the post adds.
However, while Sothink was cleared, Mozilla reiterated that Master File did contain a Trojan. The company has revised its estimate of infected downloads of the trojans down from 6,000 to under 700.
Is your business a social business? For helpful info and tips visit our hub.
- Quickest way to upload 1GB? Hop on a train
- Move over Delia: IBM Watson is cooking tonight
- Eric Schmidt on the double-edged smartphone: friend and foe
- Getty joins the race to the bottom
- Hour of Code: five steps to learn how to code
- Sony Xperia Z2 Tablet review: first look
- Sony Xperia Z2 review: first look
- Samsung Galaxy Gear 2 review: first look
- Nokia XL review: first look
- Samsung Galaxy S5 review: first look
- The key to choosing a secure password
- Please stop reposting fake Facebook messages
- Is Facebook safe for business?
- Don't rely on Chrome's password vault
- Facebook Graph Search: don't panic
- Gmail drafts and Pastebin: could they evade the email snoops?
- Applying for a job at GCHQ? Here's your plain-text password
- Google two-step verification: a must for business email
- Yes, I write down my passwords
- How to deal with a ransomware attack