


Perceptive Security
SOC/SIEM Consultancy

GhostPoster attacks hide malicious JavaScript in Firefox addon logos
Published:
16 December 2025 at 22:17:46
Alert date:
17 December 2025 at 08:01:42
Source:
bleepingcomputer.com
A new cybercrime campaign called 'GhostPoster' is distributing malicious Firefox extensions that hide JavaScript code within addon logo images. The campaign has achieved over 50,000 downloads across multiple malicious extensions. The malware monitors browser activity and establishes backdoor access to infected systems. The attack technique involves steganography to conceal malicious code within image files, making detection more difficult. This represents an active threat to Firefox users who install extensions from unofficial sources.
Technical details
Affected products:
Mozilla Firefox
This article was created with the assistance of AI technology by Perceptive.
