150+ Fake Mozilla Extensions — One Backend & Paid Media

Media blamed “Russian bears” for 150+ fake Mozilla extensions. Our findings show Nigerian infrastructure (IP 185.208.156.66), recycled phishing kits, and how paid articles helped spread the myth.