Malicious "FB color changer" addon

RESOLVED FIXED in 2013-08-06

Status

()

Toolkit
Blocklisting
RESOLVED FIXED
5 years ago
2 years ago

People

(Reporter: MarkH, Assigned: jorgev)

Tracking

unspecified
2013-08-06
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

58.06 KB, application/octet-stream
Details
(Reporter)

Description

5 years ago
Created attachment 786402 [details]
app.xpi

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.95 Safari/537.36

Steps to reproduce:

Downloaded from a malicious website


Actual results:

Once installed, the addon hijacks your Facebook and Ask.fm accounts and spam friends using obfuscated / shortened URLs.


Expected results:

It shouldn't hijack your accounts and send messages to friends without your consent.
(Assignee)

Comment 1

5 years ago
ID: lugcla21@gmail.com
Assignee: nobody → jorge
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
(Assignee)

Comment 2

5 years ago
Blocked: https://addons.mozilla.org/firefox/blocked/i432
Status: ASSIGNED → RESOLVED
Last Resolved: 5 years ago
Resolution: --- → FIXED
Target Milestone: --- → 2013-08-08
(Assignee)

Updated

5 years ago
Duplicate of this bug: 903538
Product: addons.mozilla.org → Toolkit
You need to log in before you can comment on or make changes to this bug.