Mozilla admits malware false alarm
By Stuart Turton
Posted on 11 Feb 2010 at 11:04
Mozilla has admitted that one of the Firefox add-ons it accused of containing malware was actually innocent.
Last week, Mozilla announced that Sothink Web Video Downloader 4.0 and the Master Filer add-ons were loaded with the Bifrose Trojan, which is designed to hijack PCs.
The incident was particularly embarrassing for Mozilla, as its scanning tool failed to detect the two-year-old Trojan during the upload process. However, the foundation has now retracted the claim against Sothink Web Video Downloader 4.0, admitting that it was wrong about the add-on.
"We’ve worked with security experts and add-on developers to determine that the suspected trojan in Version 4.0 of Sothink Video Downloader was a false positive and the extension does not include malware," the foundation says on its blog.
"The Sothink Video Downloader has been re-enabled. We apologise to our users and the developers of Sothink for any inconvenience this has caused," the post adds.
However, while Sothink was cleared, Mozilla reiterated that Master File did contain a Trojan. The company has revised its estimate of infected downloads of the trojans down from 6,000 to under 700.
Is your business a social business? For helpful info and tips visit our hub.
- Windows 8.1 Update: an abject surrender
- The insane economics of Sky Now TV
- No such thing as a free app... so pay up if you want quality
- Time to outlaw crapware-laden installers
- Windows Phone 8.1 video: hands-on
- Office for iPad: key information
- Why every PC buyer owes Richard Durkin a debt of gratitude
- HTC One M8 vs Samsung Galaxy S5: 2014's big-hitters compared
- Windows XP end of life: key information
- Cut out the broadband jargon? What jargon?
- How to write your company's IT security policy
- The key to choosing a secure password
- Please stop reposting fake Facebook messages
- Is Facebook safe for business?
- Don't rely on Chrome's password vault
- Facebook Graph Search: don't panic
- Gmail drafts and Pastebin: could they evade the email snoops?
- Applying for a job at GCHQ? Here's your plain-text password
- Google two-step verification: a must for business email
- Yes, I write down my passwords