Closed Bug 1670795 Opened 4 years ago Closed 4 years ago

Browser hijack with color picker

Categories

(Core :: DOM: Core & HTML, defect)

Product:
Core
Component:
DOM: Core & HTML
Version:
Firefox 81
Type:
defect

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1666131

People

(Reporter: jukka.alasalmi, Unassigned)

Details

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0

Steps to reproduce:

My browser got hijacked due to an advertisement at https://interdorry.com/10/click/1/?source=3423137&csum=8heeLeeEevjHckYnZz-OZrEBkkznMMVzp-Th_2Cw1XNb8FpemG8qyZ8CrhJndc2lK1FQYXQIFvLBggjgl4XoJg%2C%2C&_subid=2se2mrn1cfan20netp5m&_token=uuid_2se2mrn1cfan20netp5m_2se2mrn1cfan20netp5m5f84b5a1540376.44223618

Actual results:

I got constant popups, where a color picker was also opened. I think this is related to preventing quickly closing the page. It was very difficult to close the window, but I was finally able to do so in the task bar. This was some sort of scam site emulating providing a Firefox update, but in reality it would have installed some sort of malware. I'm running Firefox on Windows 10.

Expected results:

I should have been able just to close the Firefox window.

Sadly the page redirects to a random page. Do you happen to have the actual attack page saved? This is also basically a dupe of bug 1666131 were such an attack was theorized.

Component: Untriaged → DOM: Core & HTML
Product: Firefox → Core
Status: UNCONFIRMED → RESOLVED
Closed: 4 years ago
Resolution: --- → DUPLICATE

Unfortunately I was not able to get the source code of the page, as I was completely unable to interact with the site at all. If I stumble upon such a site again, I will try harder to get the source of the page, too.

You need to log in before you can comment on or make changes to this bug.