Closed Bug 754648 Opened 13 years ago Closed 13 years ago

Malicious Facebook - "Remove My Timeline" add-on

Categories

(Toolkit :: Blocklist Policy Requests, defect)

Product:
Toolkit
Component:
Blocklist Policy Requests
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: wolfmark2000, Assigned: jorgev)

Details

User Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.66 Safari/535.11 Steps to reproduce: I entered: http://removemytimeline.com/ Thinking its a facebook web site that will remove my facebook time line. It made me install this file: http://removemytimeline.com/remove_my_timeline.xpi http://removemytimeline.com/remove_my_timeline.crx Actual results: It started to spam my my wall, friends wall, inbox, etc - sharing with bitly.com short link the web site http://removemytimeline.com/ all without your knowledge or consent every few minutes. My friend wall: http://i.imgur.com/IAxLt.jpg My wall: http://i.imgur.com/UECRP.jpg Also I noticed that it spying after me and after everyone who installed this add-on by running in the background: http://whos.amung.us/swidget/googlestatic.gif http://whos.amung.us/stats/googlestatic/ - Show the actual stats. It should not post Facebook messages, sharing or like pages without your knowledge or consent. Expected results: It should have remove my time line only.
Summary: Malicious Facebook exter "Remove My Timeline" → Malicious Facebook add-on - "Remove My Timeline"
Summary: Malicious Facebook add-on - "Remove My Timeline" → Malicious Facebook - "Remove My Timeline" add-on
Id: crossriderapp4926@crossrider.com
Assignee: nobody → jorge
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Blocked: https://addons.mozilla.org/en-US/firefox/blocked/i91
Status: ASSIGNED → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
(In reply to Mark Wolf from comment #0) > User Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.11 (KHTML, like > Gecko) Chrome/17.0.963.66 Safari/535.11 > > Steps to reproduce: > > I entered: http://removemytimeline.com/ > Thinking its a facebook web site that will remove my facebook time line. > It made me install this file: > http://removemytimeline.com/remove_my_timeline.xpi > > http://removemytimeline.com/remove_my_timeline.crx > > > > Actual results: > > It started to spam my my wall, friends wall, inbox, etc - sharing with > bitly.com short link the web site http://removemytimeline.com/ all without > your knowledge or consent every few minutes. > > My friend wall: > http://i.imgur.com/IAxLt.jpg > My wall: > http://i.imgur.com/UECRP.jpg > > Also I noticed that it spying after me and after everyone who installed this > add-on by running in the background: > http://whos.amung.us/swidget/googlestatic.gif > http://whos.amung.us/stats/googlestatic/ - Show the actual stats. > > It should not post Facebook messages, sharing or like pages without your > knowledge or consent. > > > > Expected results: > > It should have remove my time line only. there is nothing wrong with this addon me and my friends have been using it it's no scam nothing at all wrong with it most people hate the facebook updates they hate the timeline this is an amazing addon now unblock it!
(In reply to Jorge Villalobos [:jorgev] from comment #2) > Blocked: https://addons.mozilla.org/en-US/firefox/blocked/i91 www.removemytimeline.com/remove_my_timeline.xpi is working again, they have changed the id.
Resolution: FIXED → INVALID
If they changed their id and they are doing anything malicious, please file a separate bug.
Resolution: INVALID → FIXED
Product: addons.mozilla.org → Toolkit
You need to log in before you can comment on or make changes to this bug.