Closed
Bug 465049
Opened 16 years ago
Closed 16 years ago
Home Page listed for VideoDownloader 1.1.1 is malware infested
Categories
(addons.mozilla.org Graveyard :: Administration, defect)
Tracking
(Not tracked)
VERIFIED
WORKSFORME
4.0.4
People
(Reporter: philip.chee, Assigned: morgamic)
References
()
Details
The listed homepage for VideoDownloader 1.1.1 is http://videodownloader.net/ which redirects you to http://javimoya.com/blog/youtube_en.php. As soon as this page loads it tries to infect your computer with a variety of malware. Sometimes it pops up a phishing dialog claiming that your computer is infected and then offering to disinfect it for you. I didn't test to see exactly how many varieties of malware it tried to put on my PC.
Please remove all links to http://videodownloader.net/*
Reporter | ||
Comment 1•16 years ago
|
||
Additionally someone should audit the code for this extension to see if it does anything dodgy.
Reporter | ||
Updated•16 years ago
|
Summary: Hope Page listed for VideoDownloader 1.1.1 is malware infested → Home Page listed for VideoDownloader 1.1.1 is malware infested
Assignee | ||
Updated•16 years ago
|
Component: Public Pages → Administration
QA Contact: web-ui → administration
Assignee | ||
Comment 2•16 years ago
|
||
It is likely they have an XSS exploit on their site. I removed the URL.
Assignee | ||
Updated•16 years ago
|
Assignee: nobody → morgamic
Assignee | ||
Updated•16 years ago
|
Target Milestone: --- → 4.0.4
Assignee | ||
Comment 3•16 years ago
|
||
Also contacted the author about the URL removal.
Assignee | ||
Comment 4•16 years ago
|
||
No reply from author, but the link is fixed now and doesn't make phishing filters freak out. Reopen if you see anything fishy, but I think we're good here.
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → WORKSFORME
Updated•9 years ago
|
Product: addons.mozilla.org → addons.mozilla.org Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•