Mozilla announced the removal from the addons.mozilla.org (AMO) catalog of two add-ons - Bypass and Bypass XM, which had 455 active installations and were positioned as add-ons for providing access to materials distributed through a paid subscription (Paywall bypass). To modify the traffic in the add-ons, the Proxy API was used, which allows you to control the web requests made by the browser. In addition to the declared functions, these add-ons used the Proxy API to block calls to Mozilla servers, which prevented downloading updates to Firefox and led to the accumulation of unpatched vulnerabilities that could be used by attackers to attack users' systems.
It is noteworthy that in addition to preventing the receipt of updates to Firefox versions, as a result of the activities of the add-ons in question, the update of remotely configured browser components was also disrupted and access to block lists was denied, which made it possible to disable malicious add-ons already installed on user systems. Users are advised to check the current version of the browser - if the settings do not specifically disable automatic updates and the version is different from Firefox 93 or 91.2, you should update manually. In new releases of Firefox, the Bypass and Bypass XM add-ons are already blacklisted, so after updating the browser they will be disabled automatically.
To protect against future placement of malicious add-ons that block the download of updates and blacklists, starting from Firefox 91.1, changes were made to the code to implement direct calls to the download servers and check for updates if the request through the proxy was unsuccessful. To extend protection to users of all versions of Firefox, a forced installation of the Proxy Failover system add-on has been prepared, which prevents incorrect use of the Proxy API to block Mozilla services. Until the proposed method of protection is widely distributed, acceptance of new addons using the Proxy API to the addons.mozilla.org directory is suspended.
Source: opennet.ru