Closed Bug 465049 Opened 16 years ago Closed 16 years ago

Home Page listed for VideoDownloader 1.1.1 is malware infested

Categories

(addons.mozilla.org Graveyard :: Administration, defect)

defect
Not set
major

Tracking

(Not tracked)

VERIFIED WORKSFORME

People

(Reporter: philip.chee, Assigned: morgamic)

References

()

Details

The listed homepage for VideoDownloader 1.1.1 is http://videodownloader.net/ which redirects you to http://javimoya.com/blog/youtube_en.php. As soon as this page loads it tries to infect your computer with a variety of malware. Sometimes it pops up a phishing dialog claiming that your computer is infected and then offering to disinfect it for you. I didn't test to see exactly how many varieties of malware it tried to put on my PC. Please remove all links to http://videodownloader.net/*
Additionally someone should audit the code for this extension to see if it does anything dodgy.
Summary: Hope Page listed for VideoDownloader 1.1.1 is malware infested → Home Page listed for VideoDownloader 1.1.1 is malware infested
Component: Public Pages → Administration
QA Contact: web-ui → administration
It is likely they have an XSS exploit on their site. I removed the URL.
Assignee: nobody → morgamic
Target Milestone: --- → 4.0.4
Also contacted the author about the URL removal.
No reply from author, but the link is fixed now and doesn't make phishing filters freak out. Reopen if you see anything fishy, but I think we're good here.
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → WORKSFORME
Verified WFM too.
Status: RESOLVED → VERIFIED
Product: addons.mozilla.org → addons.mozilla.org Graveyard
You need to log in before you can comment on or make changes to this bug.