GhostPoster Malware Infects Over 50,000 Firefox Users via Malicious Add-on Icons
Originally Published 27 days ago — by The Hacker News
A campaign named GhostPoster has compromised 17 Firefox add-ons, embedding malicious JavaScript to hijack affiliate links, inject tracking, and facilitate ad fraud, affecting over 50,000 downloads. The malware employs sophisticated evasion techniques, including delayed activation and random payload fetching, to monitor browsing, strip security headers, and enable remote code execution, highlighting ongoing threats from malicious browser extensions.