Malware-stealing add-on had been downloaded nearly 2,000 times before it was detected. Mozilla yanked the malicious “Mozilla Sniffer” add-in from its servers Monday. Mozilla also notified users of a critical security vulnerability in the popular “CoolPreviews” Add-ons are only scanned for known malware, but Mozilla said it is trying to come up with a plan to review add-ons’ source code. Mozilla: All current users should receive an uninstall notification within a day or so.”]
Source: https://www.csoonline.com/article/2125275/mozilla-yanks-password-stealing-firefox-add-on.html