Closed Bug 726787 Opened 13 years ago Closed 13 years ago

Malicious "Plug VDS"add-on

Categories

(Toolkit :: Blocklist Policy Requests, defect)

Product:
Toolkit
Component:
Blocklist Policy Requests
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: mhammell, Assigned: jorgev)

Details

Attachments

(1 file)

20120213 rdzonemusic.zip
198.65 KB, application/octet-stream
Details
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_2) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.46 Safari/535.11 Steps to reproduce: Downloaded the add-on from http://rdzonemusic.net/oso/queryf.xpi Actual results: Injects youtube.js from the plugin -> http://www.rdzonemusic.net/g.js -> http://rdzonemusic.net/t/ht.js ht.js: injects an iframe from voltor.info and then injects http://www.rdzonemusic.net/t/et.js et.js: Injects an iframe for http://howiludie.info/final3.php Creates a bit.ly link to: ['http://video-latina.bligoo.com.py/', 'http://video-latina.bligoo.co.uk/ Sends your <email> to http://allinfree.net/geti.php?mid Gets your friend list from /ajax/typeahead/first_degree.php Posts to 35 of your friends via /ajax/profile/composer.php Has you join an event (event ID is currently blank) Spams your online friends in chat via /ajax/chat/send.php Injects http://rdzonemusic.net/t/like.js like.js: Has you like "271909596213940", "339547816084766" via /ajax/pages/fan_status.php Expected results: It should not steal your Facebook cookies and send messages to your friends without your consent.
em:id="youtubeer@youtuber.com"
Assignee: nobody → jorge
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
https://addons.mozilla.org/en-US/firefox/blocked/i66
Status: ASSIGNED → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Product: addons.mozilla.org → Toolkit
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: