Malicious addon "Fast Unlock" needs blocklisting

RESOLVED FIXED

Status

()

Toolkit
Blocklisting
RESOLVED FIXED
2 years ago
2 years ago

People

(Reporter: MarkH, Assigned: jorgev)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [qa-])

Attachments

(1 attachment)

23.93 KB, application/octet-stream
Details
(Reporter)

Description

2 years ago
Hello,

The attached zip contains a sample of a malicious addon. It hijacks a victim's Facebook account and sends spam to their friends.

Thanks!
Facebook Security

MD5: dbd5241a393ef7c230f076cf132dd5a9
(Reporter)

Comment 1

2 years ago
Created attachment 8669348 [details]
malicious_addon_sample.zip

Password on the attachment is 'infected'.
(Assignee)

Comment 2

2 years ago
ID: a88a77ahjjfjakckmmabsy278djasi@jetpack
Assignee: nobody → jorge
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Whiteboard: [qa-]
(Assignee)

Comment 3

2 years ago
Blocked: https://addons.mozilla.org/en-US/firefox/blocked/i1034

Note this add-on passed automatic validation, so we should look into ways of flagging what it does. Maybe the obfuscated string in the contentScript property would be a good start.
Status: ASSIGNED → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → FIXED
(Assignee)

Comment 4

2 years ago
Forgot to link to the entry: https://addons.mozilla.org/en-US/admin/addon/manage/fast-unlock/
(Assignee)

Comment 5

2 years ago
These ones are similar, though none of them signed:
https://addons.mozilla.org/en-US/firefox/blocked/i1038
https://addons.mozilla.org/en-US/firefox/blocked/i1036
https://addons.mozilla.org/en-US/firefox/blocked/i1032
Product: addons.mozilla.org → Toolkit
You need to log in before you can comment on or make changes to this bug.