GhostPoster Malware Infects Over 50,000 Firefox Users via Malicious Add-on Icons

December 17, 2025 at 08:14 AM

•

1 min read

GhostPoster Malware Infects Over 50,000 Firefox Users via Malicious Add-on Icons — Photo: The Hacker News

TL;DR Summary

A campaign named GhostPoster has compromised 17 Firefox add-ons, embedding malicious JavaScript to hijack affiliate links, inject tracking, and facilitate ad fraud, affecting over 50,000 downloads. The malware employs sophisticated evasion techniques, including delayed activation and random payload fetching, to monitor browsing, strip security headers, and enable remote code execution, highlighting ongoing threats from malicious browser extensions.

Topics:technology #ad-fraud #browser-security #firefox-extensions #ghostposter #malware #security

Share this article

GhostPoster Malware Found in 17 Firefox Add-ons with 50,000+ Downloads The Hacker News
17 Firefox extensions promise free VPN, weather, translation tools, but hide malware in their icons cybernews.com
New GhostPoster Attack Leverages PNG Icon to Infect 50,000 Firefox Users CybersecurityNews
GhostPoster attacks hide malicious JavaScript in Firefox addon logos BleepingComputer
Firefox Hit by GhostPoster Malware via Innocent-Looking PNG Icon Cyber Press

Reading Insights

Total Reads

Unique Readers

Time Saved

3 min

vs 4 min read

Condensed

91%

633 → 57 words

Want the full story? Read the original article

Read on The Hacker News

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights