Closed Bug 781088 Opened 12 years ago Closed 12 years ago

Malicious "Youtube" addon

Categories

(Toolkit :: Blocklist Policy Requests, defect)

Product:
Toolkit
Component:
Blocklist Policy Requests
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
VERIFIED FIXED
Milestone:
2013-06-20

People

(Reporter: mhammell, Assigned: jorgev)

Details

Attachments

(1 file)

20120807_video4552_m.zip (password malwares4mple)
63.76 KB, application/octet-stream
Details
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_4) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.57 Safari/537.1 Steps to reproduce: Installed the attached add-on Actual results: Analysis of plugin.xpi: Injects youtube.js from within the addon youtube.js: Injects http://feedbuzz.info/js.php js.php: Uses one of these two for its spam link blogs[0] = 'http://youtube-snakes.tumblr.com/?'; blogs[1] = 'https://dl.dropbox.com/u/76699623/Youtube/Youtube%20theme.html/?'; Posts spam to Facebook via the following endpoints on FB: http://www.facebook.com/ajax/connect/external_edge_comment.php http://www.facebook.com/ajax/connect/external_node_connect.php Expected results: It should not steal information from your Facebook session and then spam your friends, without your consent.
Assignee: nobody → jorge
Status: UNCONFIRMED → NEW
Ever confirmed: true
Target Milestone: --- → 2013-06-20
Blocked: https://addons.mozilla.org/en-US/firefox/blocked/i374
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Verified as fixed in https://addons.mozilla.org/ on FF21 (Win 7). The add-on has been blocked. Closing bug.
Status: RESOLVED → VERIFIED
Product: addons.mozilla.org → Toolkit
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: