affiliate-fraud

Researchers at Koi Security uncovered the GhostPoster campaign, which hides a JavaScript loader inside Firefox extension icon images to fetch an obfuscated payload that can hijack affiliate links, inject tracking, strip security headers and conduct ad and click fraud; Mozilla said it removed the affected extensions and updated detection systems.