Created attachment 635191 [details] 20120620_credito_m.zip password is malwares4mple User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_3) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5 Steps to reproduce: Installed "credito.xpi" Actual results: On each page load: Injects some JS via toolbarOverlay.xul in the FF add-on: http://22.214.171.124/~juninba1/Creditos/oi2.js oi2.js: injects the contents of http://126.96.36.199/~juninba1/Creditos/lol.txt as a <script> tag lol.txt: spams out "Eu nunca mais pago por SMS e TORPEDO CURTE AI ASUHAUHSHAUS >> http://www.facebook.com/pages/"+Math.floor((Math.random()*100)+1)+"/3093858 85808050?sk=app_139478552796147" has the victim like a Facebook page Expected results: It shouldn't access your Facebook session and post repeatedly as you, without your consent.
is there any way how i can get this unplugged??i have been having trouble with my facebook game apps and i think this is the problem
(In reply to firstname.lastname@example.org from comment #3) > is there any way how i can get this unplugged??i have been having trouble > with my facebook game apps and i think this is the problem Please visit our support site for problem resolutions: http://support.mozilla.com/.