Mozilla, Opera, and Google Pull Malicious Extension
Subject: General Tech | July 6, 2018 - 09:12 PM | Scott Michaud
Tagged: Opera, mozilla, google, firefox, chrome
I don’t think this should surprise anyone, but it’s good to report on none-the-less. There was a popular browser extension, called Stylish, that allowed users to customize the pages that they visit, and share those customizations with their friends. It’s a cool concept, but it was later sold to another company. That new owner changed the extension to monitor its users.
Mozilla, Opera, and Google slapped it across the jaw with a banhammer.
If you go to Mozilla’s Firefox Add-ons site, Opera's Add-ons site, or Google’s Chrome Web Store, you will get a 404. If you already installed the extension, it will be removed from your browser. As such, you probably don’t need to worry about it, because the browser vendors went DEFCON 1 on it.
But just in case you haven’t yet got the kill signal (because you’re behind a limited VPN or something) be sure to remove “Stylish” from your browser.
This also raises the point about curated app stores: review isn't perfect. Sometimes malicious software can go unnoticed for years. It's best not to get too complacent.