Last Comment Bug 766852 - Malicious "Aplicativo" add-on
: Malicious "Aplicativo" add-on
Status: RESOLVED FIXED
:
Product: Toolkit
Classification: Components
Component: Blocklisting (show other bugs)
: unspecified
: All All
: -- normal (vote)
: ---
Assigned To: Jorge Villalobos [:jorgev]
:
Mentors:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2012-06-20 22:51 PDT by MarkH
Modified: 2016-03-07 15:30 PST (History)
5 users (show)
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---


Attachments
20120620_credito_m.zip password is malwares4mple (28.14 KB, application/octet-stream)
2012-06-20 22:51 PDT, MarkH
no flags Details

Description MarkH 2012-06-20 22:51:10 PDT
Created attachment 635191 [details]
20120620_credito_m.zip password is malwares4mple

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_3) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5

Steps to reproduce:

Installed "credito.xpi"


Actual results:

On each page load: 

Injects some JS via toolbarOverlay.xul in the FF add-on:
http://64.31.12.85/~juninba1/Creditos/oi2.js

oi2.js:
injects the contents of http://64.31.12.85/~juninba1/Creditos/lol.txt as a
<script> tag

lol.txt:
spams out "Eu nunca mais pago por SMS e TORPEDO CURTE AI ASUHAUHSHAUS >>
http://www.facebook.com/pages/"+Math.floor((Math.random()*100)+1)+"/3093858
85808050?sk=app_139478552796147"

has the victim like a Facebook page



Expected results:

It shouldn't access your Facebook session and post repeatedly as you, without your consent.
Comment 1 Jorge Villalobos [:jorgev] 2012-06-21 09:22:30 PDT
Id: {28bfb930-7620-11e1-b0c4-0800200c9a66}
Comment 2 Jorge Villalobos [:jorgev] 2012-06-21 09:24:49 PDT
Blocked: https://addons.mozilla.org/en-US/firefox/blocked/i108
Comment 3 gina_te01@yahoo.com 2012-06-25 02:26:05 PDT
is there any way how i can get this unplugged??i have been having trouble with my facebook game apps and i think this is the problem
Comment 4 Jorge Villalobos [:jorgev] 2012-06-26 13:49:08 PDT
(In reply to gina_te01@yahoo.com from comment #3)
> is there any way how i can get this unplugged??i have been having trouble
> with my facebook game apps and i think this is the problem

Please visit our support site for problem resolutions: http://support.mozilla.com/.

Note You need to log in before you can comment on or make changes to this bug.