Related blog content
New Chrome and Firefox extensions block their removal to hijack browsers
The domain dictionaryext.xyz is blocked because it is a search hijacker that delivers a forced Firefox extension. This potentially unwanted program (PUP) is forced on users because they are unable to leave the site until they have installed the extension.
When users enter this domain, they are unable to close the tab unless they kill the Firefox process. The criminals behind dictionaryext.xyz keep users on the site through a series of login prompts and social engineering.
The site displays a login prompt.
The site keeps repeating this prompt.
The website claims you need to update Firefox.
If users don’t kill the process and install the extension, Malwarebytes detects it as PUP.Optional.ForcedInstalledExtensionFF. This family of extensions downloads additional code in the form of a json file from other domains. This can result in search hijacks, coin mining, and anything else the threat actor may come up with.
Malwarebytes blocks both the domain itself as well as the domains that are contacted for additional instructions.
Malwarebytes blocks any connection to this domain.
Malwarebytes blocks the connection to the domains that provide the code for the extension.
Should users wish to visit a blocked Domain and exclude it from being blocked, they can add it to the exclusions list. Here’s how to do it.
Select your language