Closed Bug 1351689 Opened 8 years ago Closed 8 years ago

Look into blocklisting fr@fbt.ovh.xpi

Categories

(Toolkit :: Blocklist Policy Requests, enhancement)

Product:
Toolkit
Component:
Blocklist Policy Requests
Type:
enhancement
Priority:
Not set
Severity:
major

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: philipp, Assigned: jorgev)

Details

hi, we received a user report at https://support.mozilla.org/t5/Firefox/Possible-extension-virus-discovered/m-p/1383538#U1383538 linking some malicious behaviour to an extension with the ID "fr@fbt.ovh". i couldn't verify this on my own, but according to https://forums.malwarebytes.com/topic/198334-help-frsttxt-and-additiontxt/ this the extension's name for this ID is "Adobe Flash Player" which sounds suspicious in itself.
Flagging this to Jorge and Andreas.
Flags: needinfo?(jorge)
Flags: needinfo?(awagner)
Yes, this should be blocked for stealing user credentials from high profile websites like facebook, apple, spotify, deezer, pandora....
Assignee: nobody → jorge
Flags: needinfo?(jorge)
Flags: needinfo?(awagner)
Andreas, please stage the blocklist entry and I will review it.
Flags: needinfo?(awagner)
Done. This is my first blocklist request in kinto, please review carefully.
Flags: needinfo?(awagner)
Group: toolkit-core-security
The block is now live.
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.