Closed Bug 725777 Opened 13 years ago Closed 13 years ago

Malicious "Facebook!" add-on

Categories

(addons.mozilla.org :: Security, defect)

Product:
addons.mozilla.org
Component:
Security
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: mhammell, Assigned: jorgev)

Details

Attachments

(1 file)

20120208 Facebook theme.zip
58.72 KB, application/octet-stream
Details
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_2) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.46 Safari/535.11 Steps to reproduce: Downloaded the XPI from http://stalkers.jiteshkakkar.com/install.xpi Actual results: After install, it injects youtube.js from the add-on, which is packed, to inject http://stalkers.jiteshkakkar.com/script.php script.php is JS, which steals your Facebook cookies, grabs your friends list and has you share a link to http://stalkers.jiteshkakkar.com/video.php?<uid> to your wall. Expected results: It shouldn't steal your cookies and post messages to Facebook without your permission.
Assignee: nobody → jorge
Component: Blocklisting → Add-on Security
QA Contact: blocklisting → security
em:id="royal@facebook.com" em:creator="Mark" :P
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
https://addons.mozilla.org/en-US/firefox/blocked/i64
Status: ASSIGNED → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: