We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Évitez les escroqueries à l’assistance. Nous ne vous demanderons jamais d’appeler ou d’envoyer un SMS à un numéro de téléphone ou de partager des informations personnelles. Veuillez signaler toute activité suspecte en utilisant l’option « Signaler un abus ».

En savoir plus

Fake Adobe PDF addon installs with FF updates

Every time FF updates, upon restarting I have a page (URL: https://addonbrowser.com/open-with-adobe-pdf?v=1.2.3&type=install) which looks as if Adobe PDF Reader would be installed. It is trojan malware.

An American female voice invites me to call a phone number to have adware virus removed.

"http://www.ddinbb.ml is requesting your username and password. The site says: “MAC OS is infected with Viruses and other malicious applications. It is necessary to Call Apple Support 0800-404-8452. Viruses must be removed and sys…”"

I have to kill FF and restart again to shut it up.

How can I prevent this page from opening up after every update?

Every time FF updates, upon restarting I have a page (URL: https://addonbrowser.com/open-with-adobe-pdf?v=1.2.3&type=install) which looks as if Adobe PDF Reader would be installed. It is trojan malware. An American female voice invites me to call a phone number to have adware virus removed. "http://www.ddinbb.ml is requesting your username and password. The site says: “MAC OS is infected with Viruses and other malicious applications. It is necessary to Call Apple Support 0800-404-8452. Viruses must be removed and sys…”" I have to kill FF and restart again to shut it up. How can I prevent this page from opening up after every update?

Toutes les réponses (8)

hi, when you enter about:config into the firefox address bar (confirm the info message in case it shows up) & search for the preference named startup.homepage_override_url to check if it has the offending website in it. if so, just right-click and reset this entry to its default value.

Thank you for the suggestion. The preference you refer to has no value (i.e. blank). I searched for "ddinbb" as well but it found nothing :(

What Extensions do you have installed as no version of desktop Firefox internal updates or downloads from mozilla.org have ever come with this.

Good question... and thank you.

I have just found Add-ons Manager and listed there is an extension called Open with Adobe PDF Reader 1.2.3 and a homepage of https://addonbrowser.com/open-with-adobe-pdf

To my untrained eye it looks suspect. Have just Googled and found there's a virus called Browser.addon I've run Malwarebytes before and its come up clean. Will deleting the extension get shot of this damn thing?

Uninstalling the extension will be a good start.

Addons.mozilla.org is the place to get Extensions. Check the reviews and what the support/homepage listing is before installing.

Normally extensions hosted at AMO are safe but some can get get through review to public.

The addonbrowser .com now mybrowseraddon .com seems to post extensions from AMO as their own.

A number from that site seemed to have been hosted on addons.mozilla.org but were removed after discovery of this malware or being a (modified) repost of a original extension hosted at AMO.


A extension under a similar name had a coin miner and was blocked months ago.

Coinminer malware in "Open with Adobe PDF Reader" extension https://bugzilla.mozilla.org/show_bug.cgi?id=1426582

Modifié le par James

Thanks yet again. Should I be worried that "Normally extensions hosted at AMO are safe but some can get get through review to public" ... sounds a little unsafe. That said, if one has installed the pukka Adobe Reader then I assume no extension is needed? Apologies, I'm showing my ignorance.

Just look at the reviews or do a review search on the addons and that should give you more info about it.

Extensions should never appear mysteriously without explanation, and everything you see listed on the Extensions panel of the Add-ons page is your choice to keep or toss, and your responsibility to manage. Don't let unknown software run on your system.

Most "open with" extensions are designed to connect links automatically to external programs so you don't need to interact with the download dialog. You don't need them, and they require installing non-reviewed external applications, so they are less safe than fully self-contained extensions.