Closed Bug 713050 Opened 14 years ago Closed 14 years ago

Malicious "Free Cheesecake Factory" Add-On

Categories

(Toolkit :: Blocklist Policy Requests, defect)

Product:
Toolkit
Component:
Blocklist Policy Requests
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: mhammell, Assigned: fligtar)

References

(
URL
)

Details

(Whiteboard: [extension][hardblock])

Attached file malicious_addon.zip
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_2) AppleWebKit/535.7 (KHTML, like Gecko) Chrome/16.0.912.63 Safari/535.7 Steps to reproduce: The third-party add-on "Free Cheesecake Factory" is malicious is actively generating spam on Facebook. It steals the user's browser cookies for Facebook and sends out numerous messages on the users behalf. It also takes actions to hide its activity by injecting an overlay image into the DOM when the user attempts to view their news feed in Facebook. The malicious plugin and the JS files it loads remotely are attached. Actual results: Installed the malicious "Free Cheesecake Factory" add-on and it resulting in spam being posted to a Facebook account.
Assignee: nobody → fligtar
UUID youtube@youtube2.com
Status: UNCONFIRMED → NEW
Ever confirmed: true
Whiteboard: [extension][hardblock]
yes, I midaired you and didn't care :p
Blocked in production. https://addons.mozilla.org/en-US/firefox/blocked/i47
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
Yikes, this add-on had 600,000 users and was growing about 50,000 per day until it was blocked.
Please file these bugs in Blocklisting component in the future.
Component: Add-on Security → Blocklisting
Product: addons.mozilla.org → Toolkit
You need to log in before you can comment on or make changes to this bug.