Windows 10 reached EOS (end of support) on October 14, 2025. If you are on Windows 10, see this article.

Avatar for Username

Przeszukaj pomoc

Unikaj oszustw związanych z pomocą.Nigdy nie będziemy prosić Cię o dzwonienie na numer telefonu, wysyłanie SMS-ów ani o udostępnianie danych osobowych. Zgłoś podejrzaną aktywność, korzystając z opcji „Zgłoś nadużycie”.

Więcej informacji

How do I escalate the presence of a malicious extension for removal from the store?

  • 3 odpowiedzi
  • 0 osób ma ten problem
  • 100 wyświetleń
  • Ostatnia odpowiedź od RealDeer

RealDeer
RealDeer

[Coupongogo: Automatic Coupons & Cashback](https://addons.mozilla.org/en-US/firefox/addon/coupongogo-automatic-coupons/) is a malicious extension programed with a command and control server located in China.

Despite [Firefox user reports](https://www.reddit.com/r/firefox/comments/1pl0u6m/malicious_addon_does_not_get_taken_down/), the extension remains available on the Mozilla addon store.

A [rastersec.com contributor explains](https://www.rastersec.com/blog/coupongogo-cryptostealer),

>\[Coupongogo\] operates as a remote-controlled time bomb, utilizing a dynamic configuration system to evade detection, hijack all search and browsing traffic, and wait for a server command to activate its dormant theft capabilities targeting major cryptocurrency exchanges.

Given the lack of success at securing the privacy and security of users by using the standard addon reporting tool, how can I escalate this matter to a responsible Mozilla party for triage?

[Coupongogo: Automatic Coupons & Cashback](https://addons.mozilla.org/en-US/firefox/addon/coupongogo-automatic-coupons/) is a malicious extension programed with a command and control server located in China. Despite [Firefox user reports](https://www.reddit.com/r/firefox/comments/1pl0u6m/malicious_addon_does_not_get_taken_down/), the extension remains available on the Mozilla addon store. A [rastersec.com contributor explains](https://www.rastersec.com/blog/coupongogo-cryptostealer), >\[Coupongogo\] operates as a remote-controlled time bomb, utilizing a dynamic configuration system to evade detection, hijack all search and browsing traffic, and wait for a server command to activate its dormant theft capabilities targeting major cryptocurrency exchanges. Given the lack of success at securing the privacy and security of users by using the standard addon reporting tool, how can I escalate this matter to a responsible Mozilla party for triage?

Wybrane rozwiązanie

Discussion of things related to addons.mozilla.org is done at https://discourse.mozilla.org/c/add-ons/35

Przeczytaj tę odpowiedź w całym kontekście 👍 0

Wszystkie odpowiedzi (3)

James
James
  • Moderator
  • Top 10 Contributor

Wybrane rozwiązanie

Discussion of things related to addons.mozilla.org is done at https://discourse.mozilla.org/c/add-ons/35

jscher2000 - Support Volunteer
jscher2000 - Support Volunteer
  • Top 25 Contributor

The Add-ons team has a forum here: https://discourse.mozilla.org/c/add-ons/addons-mozilla-org/109

RealDeer
RealDeer Zadający pytanie

Thank you both for the helpful information.

The Mozilla team has acted on the reports.

Zadaj pytanie

Aby odpowiadać na posty, musisz zalogować się na swoje konto. Zadaj pytanie, jeśli nie masz jeszcze konta.