Windows 10 reached EOS (end of support) on October 14, 2025. If you are on Windows 10, see this article.

Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

How do I escalate the presence of a malicious extension for removal from the store?

  • 3 replies
  • 0 have this problem
  • 100 views
  • Paskiausią atsakymą parašė RealDeer

RealDeer
RealDeer

[Coupongogo: Automatic Coupons & Cashback](https://addons.mozilla.org/en-US/firefox/addon/coupongogo-automatic-coupons/) is a malicious extension programed with a command and control server located in China.

Despite [Firefox user reports](https://www.reddit.com/r/firefox/comments/1pl0u6m/malicious_addon_does_not_get_taken_down/), the extension remains available on the Mozilla addon store.

A [rastersec.com contributor explains](https://www.rastersec.com/blog/coupongogo-cryptostealer),

>\[Coupongogo\] operates as a remote-controlled time bomb, utilizing a dynamic configuration system to evade detection, hijack all search and browsing traffic, and wait for a server command to activate its dormant theft capabilities targeting major cryptocurrency exchanges.

Given the lack of success at securing the privacy and security of users by using the standard addon reporting tool, how can I escalate this matter to a responsible Mozilla party for triage?

[Coupongogo: Automatic Coupons & Cashback](https://addons.mozilla.org/en-US/firefox/addon/coupongogo-automatic-coupons/) is a malicious extension programed with a command and control server located in China. Despite [Firefox user reports](https://www.reddit.com/r/firefox/comments/1pl0u6m/malicious_addon_does_not_get_taken_down/), the extension remains available on the Mozilla addon store. A [rastersec.com contributor explains](https://www.rastersec.com/blog/coupongogo-cryptostealer), >\[Coupongogo\] operates as a remote-controlled time bomb, utilizing a dynamic configuration system to evade detection, hijack all search and browsing traffic, and wait for a server command to activate its dormant theft capabilities targeting major cryptocurrency exchanges. Given the lack of success at securing the privacy and security of users by using the standard addon reporting tool, how can I escalate this matter to a responsible Mozilla party for triage?

Chosen solution

Discussion of things related to addons.mozilla.org is done at https://discourse.mozilla.org/c/add-ons/35

Skaityti atsakymą kartu su kontekstu 👍 0

All Replies (3)

James
James
  • Moderator
  • Top 10 Contributor

Chosen Solution

Discussion of things related to addons.mozilla.org is done at https://discourse.mozilla.org/c/add-ons/35

jscher2000 - Support Volunteer
jscher2000 - Support Volunteer
  • Top 25 Contributor

The Add-ons team has a forum here: https://discourse.mozilla.org/c/add-ons/addons-mozilla-org/109

RealDeer
RealDeer Klausimą uždavęs asmuo

Thank you both for the helpful information.

The Mozilla team has acted on the reports.

Užduoti klausimą

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.