I don’t think this should surprise anyone, but it’s good to report on none-the-less. There was a popular browser extension, called Stylish, that allowed users to customize the pages that they visit, and share those customizations with their friends. It’s a cool concept, but it was later sold to another company. That new owner changed the extension to monitor its users.
Mozilla, Opera, and Google slapped it across the jaw with a banhammer.
If you go to Mozilla’s Firefox Add-ons site, Opera's Add-ons site, or Google’s Chrome Web Store, you will get a 404. If you already installed the extension, it will be removed from your browser. As such, you probably don’t need to worry about it, because the browser vendors went DEFCON 1 on it.
But just in case you haven’t yet got the kill signal (because you’re behind a limited VPN or something) be sure to remove “Stylish” from your browser.
This also raises the point about curated app stores: review isn't perfect. Sometimes malicious software can go unnoticed for years. It's best not to get too complacent.
nope
.avi
nope
.avi
Phuck! Removed tout suite.
Phuck! Removed tout suite.
I switched to “Stylus” well
I switched to “Stylus” well over a year ago because of this.
I had it installed on both
I had it installed on both Mozilla & Chrome… Mozilla is my main browser, and it notified me 3 days ago via the first pop-up ever: announcing “the Extension was malicious.”
So KUDOS to Mozilla for being so fast to react! Because I loaded up Chrome, and I didn’t get any warnings. But I deleted it from Chrome anyways, because “security reasons.”
Your article would be better
Your article would be better if you mentioned why the extension is malicious.