Mozilla has disabled a popular volume booster extension for Firefox after discovering it was injecting advertisements into certain websites. The extension did not appear to carry out more serious actions, such as stealing login credentials or deploying spyware, but the discovery still raised concerns among users.
According to available reports, the extension’s behavior was limited to affiliate ad injection, meaning it inserted advertising links into specific sites in order to generate revenue. While this practice is widely considered deceptive, it is generally less severe than malware designed to steal data or compromise accounts.
Even so, the incident has unsettled some users who had the extension installed. Several people have asked whether they should scan their computers or change their passwords as a precaution. Based on what has surfaced so far, security experts say that may not be necessary, since there is no evidence that the extension attempted credential theft or other aggressive activity.
Meanwhile, some users are pointing to an alternative version of the same extension that has existed since at least 2023. This privacy-focused fork reportedly removes the advertising and tracking code found in the original version. In a Reddit discussion, users have been recommending the fork as a replacement, and a Mozilla contributor reportedly confirmed that the description of the fork’s changes appears accurate.
The situation may not be entirely new. A discussion on Mozilla’s community forum in 2021 previously raised concerns about potentially malicious code within the extension, suggesting the warning signs had surfaced earlier. It remains unclear whether Mozilla investigated those reports at the time or if action was only taken recently.
The issue gained wider attention after a user shared a screenshot of Firefox disabling the extension in a post on X, which has since drawn significant attention online. The post, available here, has accumulated more than 200,000 views and helped spread awareness of the problem.
For users who previously installed the extension, the recommended step is simple: remove it from Firefox and switch to a safer alternative, such as the privacy-focused fork or another trusted volume control tool.