Mozilla Issues Warning About Phishing Attacks Aimed at Add-On Developers

Mozilla has issued a warning to browser extension developers regarding an active phishing campaign targeting accounts on its official Add-ons Mozilla (AMO) repository. The AMO platform hosts over 60,000 browser extensions and more than 500,000 themes, utilised by millions of users globally. According to Mozilla’s advisory, these phishing emails impersonate the AMO team, claiming that targeted developer accounts require updates to maintain access to essential development features. Mozilla cautioned the developer community to exercise extreme caution when receiving emails that appear to be from Mozilla or AMO. Phishing emails typically contain messages stating, “Your Mozilla Add-ons account requires an update to continue accessing developer features.”

To safeguard their accounts, developers are advised to verify that emails originate from a legitimate Mozilla domain, such as firefox.com, mozilla.org, or mozilla.com, and to ensure they pass standard email authentication checks, including SPF, DKIM, and DMARC. Mozilla also recommends that developers navigate directly to its websites instead of clicking on links in suspicious emails and only enter their login credentials on official Mozilla or Firefox domains. While the scale of this phishing campaign remains undisclosed, at least one developer has reported falling victim. Mozilla plans to provide updates as more information becomes available. This warning follows the recent announcement of a new security feature aimed at blocking malicious Firefox extensions that target cryptocurrency wallets.