Closed Bug 766852 Opened 12 years ago Closed 12 years ago

Malicious "Aplicativo" add-on

Categories

(Toolkit :: Blocklist Policy Requests, defect)

defect
Not set
normal

Tracking

()

RESOLVED FIXED

People

(Reporter: mhammell, Assigned: jorgev)

Details

Attachments

(1 file)

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_3) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5

Steps to reproduce:

Installed "credito.xpi"


Actual results:

On each page load: 

Injects some JS via toolbarOverlay.xul in the FF add-on:
http://64.31.12.85/~juninba1/Creditos/oi2.js

oi2.js:
injects the contents of http://64.31.12.85/~juninba1/Creditos/lol.txt as a
<script> tag

lol.txt:
spams out "Eu nunca mais pago por SMS e TORPEDO CURTE AI ASUHAUHSHAUS >>
http://www.facebook.com/pages/"+Math.floor((Math.random()*100)+1)+"/3093858
85808050?sk=app_139478552796147"

has the victim like a Facebook page



Expected results:

It shouldn't access your Facebook session and post repeatedly as you, without your consent.
Id: {28bfb930-7620-11e1-b0c4-0800200c9a66}
Assignee: nobody → jorge
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Blocked: https://addons.mozilla.org/en-US/firefox/blocked/i108
Status: ASSIGNED → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
is there any way how i can get this unplugged??i have been having trouble with my facebook game apps and i think this is the problem
(In reply to gina_te01@yahoo.com from comment #3)
> is there any way how i can get this unplugged??i have been having trouble
> with my facebook game apps and i think this is the problem

Please visit our support site for problem resolutions: http://support.mozilla.com/.
Product: addons.mozilla.org → Toolkit
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: