Mozilla flags phishing wave aimed at hijacking trusted Firefox add-ons
The browser maker urged devs to "exercise extreme caution and scrutiny" when reviewing seemingly legitimate emails from senders pretending to be Mozilla or AMO (addons.mozilla.org).
Although phishing emails can take many forms, Moz said this campaign usually lures devs into clicking through a malicious link to update their account. Failure to do so, or so the crims claim, would result in the dev losing access to developer features.
The company did not specify the motivations behind the phishing attacks, although it can be reasonably assumed that if developers are being targeted, gaining access to trusted developer accounts is likely the game plan.
Mozilla was also quiet on the scale and success of the phishers' efforts thus far, but given the spate of scammy extensions targeting crypto users of late, gaining access to trustworthy developer accounts could be used to push more of these credential-stealing add-ons.
Lukasz Olejnik, an independent security and privacy researcher, said there are many of these extensions about, with new ones popping up regularly. Their primary aim is to steal seed phrases, which can be used to remotely recover and take control of wallets.
