Mozilla recently blocked malicious Firefox add-ons called Bypass and Bypass XM that were installed by 455,000 users.

The add-ons in question used the API to intercept and redirect web requests, preventing users from performing several actions, including downloading updates, updating remotely configured content, and accessing updated block lists.

Although Mozilla did not specify whether the two add-ons would do anything else malicious in the background, Bleeping Computer’s research into the nature of the two add-ons showed that they would likely use a reverse proxy to bypass paywall websites.

Mozilla has also added a system add-on that is hidden and impossible to disable known as Proxy Failover.

The new add-on prevents similar malicious add-ons from abusing the same API and prevents attempts to interfere with update mechanisms of current and older Firefox versions.

To ensure that other users are not affected, Mozilla recommended that they upgrade their web browsers to at least the latest version of Firefox 93.