Closed
Bug 1190832
Opened 9 years ago
Closed 9 years ago
Block Malicious Extension "Video Fix"
Categories
(Toolkit :: Blocklist Policy Requests, defect)
Toolkit
Blocklist Policy Requests
Tracking
()
RESOLVED
DUPLICATE
of bug 1190963
People
(Reporter: facefollowbr, Unassigned)
Details
Attachments
(1 file)
34.03 KB,
application/zip
|
Details |
User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.125 Safari/537.36 Steps to reproduce: Hello. I represent a security firm that works for companies like several banks and Facebook Ltd. There is a domain registered inside Godaddycom for a Facebook Virus that uses a Firefox and Chrome Extension for install as you can see it here in this Phishing address example: http://orti1.com/ff <- This is a phishing website for install Firefox malicious extension (you need to open using Firefox) This malicious extension uses Facebook profiles and hijacks Facebook Token (same as user password) to widespread inside users wall without his permission. Malicious Extension ID: hha8771ui3-Fo9j9h7aH98jsdfa8sda@jetpack.xpi Inside the malicious extension, there are several calls to the address "inslike.info" as you can see in the example: https://www.inslike.info/core/link.php Inside the address http://inslike.info/k.js you can see several calls to domain, based in deliver hijacked user data and such as post routine to Facebook walls. Shut those address down, those cybercriminals are already being investigated by local security agencies and they reside inside Turkey. Any questions please feel free to reply to my email. Thank you
Updated•9 years ago
|
Status: UNCONFIRMED → RESOLVED
Closed: 9 years ago
Resolution: --- → DUPLICATE
Assignee | ||
Updated•9 years ago
|
Product: addons.mozilla.org → Toolkit
You need to log in
before you can comment on or make changes to this bug.
Description
•