afrowidgets blacklist request from kerawa . com developpers

RESOLVED INVALID

Status

()

RESOLVED INVALID
3 years ago
3 years ago

People

(Reporter: info, Assigned: jorgev)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

83.21 KB, application/zip
Details
(Reporter)

Description

3 years ago
Created attachment 8626637 [details]
afrowidgets1.6.xpi

Hello Team

Hello

I am getting complaints from some of my afribaba's users from some African markets regarding kerawa afrowidgets firefox add-on.

In fact, when users install this kerawa add-on 
https://kerawa.com//rss_widget/browser-extensions/firefox/afrowidgets1.6.xpi

and visit most of the sites under www. afribaba .com like afribaba .cm afribaba .ci afribaba .sn afribaba .ga etc... they are redirected to competitors site at kerawa .com

After spying their extension, I can see that this is the intentional redirection they are continuing doing (all sites from www.afribaba.com)

They are using window.location.hostname
from ../resources/afrowidgets/data/js/redirection/config.js

{siteURL: 'afribaba.cd', targetURL: 'kerawa.com/congo-kinshasa-r42', },
{siteURL: 'afribaba.ci', targetURL: 'kerawa.com/cote-divoire-r43', },
{siteURL: 'afribaba.co.ke', targetURL: 'kerawa.com/kenya-r46', },
{siteURL: 'afribaba.cm', targetURL: 'kerawa.com/cameroun-r40', },
{siteURL: 'afribaba.sn', targetURL: 'kerawa.com/senegal-r55', },
{siteURL: 'afribaba.ga', targetURL: 'kerawa.com', },
{siteURL: 'afribaba.info', targetURL: 'kerawa.com', },
{siteURL: 'facebook.com/afribaba', targetURL: 'facebook.com/WaribaOnline', },
{siteURL: 'mercannunci.', targetURL: 'kerawa.com', },
{siteURL: 'mercanuncios.pt', targetURL: 'kerawa.com', },

Can you please take any action on the matter it is really harmful for users of afribaba? of course I have customers complaining on this issue being unable to access my sites

regards
Jacques
(Assignee)

Comment 1

3 years ago
It should be fairly obvious to users that the redirect is happening and which add-on is responsible for it. If they don't want that behavior they can disable or uninstall the add-on.

If the add-on is being silently installed into their systems, then we could consider blocking it. Given the provided information, there isn't enough to warrant a block.
Assignee: nobody → jorge
Group: client-services-security
Status: UNCONFIRMED → RESOLVED
Last Resolved: 3 years ago
Resolution: --- → INVALID
(Reporter)

Comment 2

3 years ago
Hello

Which type of information would you like to have to warrant a block?

As much users are thinking our sites have merged with them?

Regards
(Reporter)

Comment 3

3 years ago
additionally, their description in the extension is to do another functionality but at the end it appears to have installed undesired redirection. 

Note: It isn't much easier for you to test it and see by yourself the effect?

Regards
(Reporter)

Updated

3 years ago
Group: client-services-security
(Assignee)

Comment 4

3 years ago
Here are the guidelines we use to decide if an add-on should be blocklisted: https://developer.mozilla.org/en-US/Add-ons/Add-on_guidelines. I already looked at its code and didn't see anything that is blocklist-worthy, but maybe I'm missing something.

Please don't add the security flag again. I removed it because it isn't appropriate for this bug.
Group: client-services-security

Comment 5

3 years ago
(In reply to info from comment #3)
> additionally, their description in the extension is to do another
> functionality but at the end it appears to have installed undesired
> redirection. 
> 
> Note: It isn't much easier for you to test it and see by yourself the effect?
> 
> Regards

The behavior itself isn't blockable. Can you show people saying they didn't know the addon was installed, or were tricked into installing the addon? That would be blockworthy.
(Reporter)

Comment 6

3 years ago
Hello

Unfortunately, they limit the one click installation by IP in Cameroun, Senegal, Ivory Coast, RD Congo and Gabon...(I am quite sure they fully know what they are doing) and we are getting complaints (from above countries) from users unable to access ours sites and after investigating it is due to that add-on. 

Just download the firefox add-on and you'll see they are intentionally doing the redirection just to confuse the users and make them use their websites other than using afribaba websites for example.

As from the information we got and we are getting and I have tested myself using some proxy servers which the above listed countries IP, when you open their site, they auto popup to install the firefox add-on and of course as you may know after clicking on "INSTALL NOW" 99% of people do not even know what to do next and are even unable to uninstall or disable.

I am 100% sure if the users from the above countries knew how to uninstall or to disable that add-on they shouldn't be contacting with such alarm.

So it is easy for you to say users should disable or whatever but I can tell you 99% do not even know how to do so.

Note: That redirection driving visitors out of afribaba sites is really annoying for us and we must do something. 

Maybe if you are unable to do something on your side, at least blocking the redirection behaviours. 
We must surely be obliged to also do some non-sense similar add-on to auto install in users browsers and block access to their site (simply the exact same way they are doing wish most of our sites).

For example, at Google Chrome that feature were remove and of course there is no way for them to host such malicious scripts into Chrome Store and I do think you must do the same thing at Firefox obliging all installable add-on be done only from firefox store at least to flight against such malicious behaviours or such scripts.

Good night
Product: addons.mozilla.org → Toolkit
You need to log in before you can comment on or make changes to this bug.