The domain dictionaryext.xyz is blocked because it is a search hijacker that delivers a forced Firefox extension. This potentially unwanted program (PUP) is forced on users because they are unable to leave the site until they have installed the extension.
When users enter this domain, they are unable to close the tab unless they kill the Firefox process. The criminals behind dictionaryext.xyz keep users on the site through a series of login prompts and social engineering.
If users don’t kill the process and install the extension, Malwarebytes detects it as PUP.Optional.ForcedInstalledExtensionFF. This family of extensions downloads additional code in the form of a json file from other domains. This can result in search hijacks, coin mining, and anything else the threat actor may come up with.
Malwarebytes blocks both the domain itself as well as the domains that are contacted for additional instructions.
Should users wish to visit a blocked domain and exclude it from being blocked, they can add it to the exclusions list. Here’s how to do it.
The Exclusions tab includes a list of items to be excluded from scans. The items may include files, folders, websites, or applications that connect to the Internet, as well as previously detected exploits. To access the exclusions in Malwarebytes: