Closed
Bug 1351689
Opened 7 years ago
Closed 7 years ago
Look into blocklisting fr@fbt.ovh.xpi
Categories
(Toolkit :: Blocklist Policy Requests, enhancement)
Toolkit
Blocklist Policy Requests
Tracking
()
RESOLVED
FIXED
People
(Reporter: philipp, Assigned: jorgev)
Details
hi, we received a user report at https://support.mozilla.org/t5/Firefox/Possible-extension-virus-discovered/m-p/1383538#U1383538 linking some malicious behaviour to an extension with the ID "fr@fbt.ovh". i couldn't verify this on my own, but according to https://forums.malwarebytes.com/topic/198334-help-frsttxt-and-additiontxt/ this the extension's name for this ID is "Adobe Flash Player" which sounds suspicious in itself.
|
||
Comment 1•7 years ago
|
||
Flagging this to Jorge and Andreas.
Flags: needinfo?(jorge)
Flags: needinfo?(awagner)
| Comment hidden (obsolete) |
|
||
Comment 3•7 years ago
|
||
Yes, this should be blocked for stealing user credentials from high profile websites like facebook, apple, spotify, deezer, pandora....
Assignee: nobody → jorge
Flags: needinfo?(jorge)
Flags: needinfo?(awagner)
|
Assignee | |
Comment 4•7 years ago
|
||
Andreas, please stage the blocklist entry and I will review it.
Flags: needinfo?(awagner)
|
|
||
Comment 5•7 years ago
|
||
Done. This is my first blocklist request in kinto, please review carefully.
Flags: needinfo?(awagner)
|
||
Updated•7 years ago
|
Group: toolkit-core-security
|
|
Assignee | |
Comment 6•7 years ago
|
||
The block is now live.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•