1483854 - Extension block request: lite-search-ff-unlisted@mozilla.com

Status: RESOLVED FIXED

(Toolkit :: Blocklist Policy Requests, enhancement)

Description

[Zitronella]

Extension name: Flash Lite
Extension UUID: lite-search-ff-unlisted@mozilla.com
Extension versions to block:1.1 (maybe other version exist?) 
Applications, versions, and platforms affected: 
Block severity: (hard/soft)hard

Homepage, AMO listing, other references and contact info: 
Directdownload from ****s://searchwebprivate.co/ext/flash_lite-1.1-an+fx.xpi

Reasons: Origin is from a phishing site. Sorry i forget the link.

Comment 1

[Philipp Kewisch [:Fallen][📱📆]]

These add-ons:

1) Have a remote script execution security vulnerability
2) Redirect searches, disrupting core Firefox features
3) Mask themselves as a "Flash Update" or similar
4) Use tracking mechanisms without consent

Given the circumstances they seem malicious in nature. I am blocking all add-ons by related developer accounts that have not already been blocked.

GUIDs (these are not actually Mozilla add-ons, obviously)
fastplayer@fastsearch.me
ff-search-flash-unlisted@mozilla.com
inspiratiooo-unlisted@mozilla.com
lite-search-ff-unlisted@mozilla.com
mysearchprotect-unlisted@mozilla.com
pdfconverter-unlisted@mozilla.com
plugin-search-ff-unlisted@mozilla.com
pro-search-ff-unlisted@mozilla.com
pro-search-unlisted@mozilla.com
searchincognito-unlisted@mozilla.com
socopoco-search@mozilla.com
socopoco-unlisted@mozilla.com
{08ea1e08-e237-42e7-ad60-811398c21d58}
{0a56e2a0-a374-48b6-9afc-976680fab110}
{193b040d-2a00-4406-b9ae-e0d345b53201}
{1ffa2e79-7cd4-4fbf-8034-20bcb3463d20}
{528cbbe2-3cde-4331-9344-e348cb310783}
{6f7c2a42-515a-4797-b615-eaa9d78e8c80}
{be2a3fba-7ea2-48b9-bbae-dffa7ae45ef8}
{c0231a6b-c8c8-4453-abc9-c4a999a863bd}

There may be more of this kind, this is all I could find for the moment.

Comment 2

[Philipp Kewisch [:Fallen][📱📆]]

The block has been staged. Andreas, can you review?

Comment 3

[Andreas Wagner [:TheOne] [use NI]]

Done.