Closed Bug 909433 Opened 11 years ago Closed 11 years ago

Malicious addon "Adobe FlashPlayer FF addon" needs blocklisting

Categories

(Toolkit :: Blocklist Policy Requests, defect)

Product:
Toolkit
Component:
Blocklist Policy Requests
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
2013-08-27

People

(Reporter: mhammell, Assigned: jorgev)

Details

Attachments

(1 file)

SA_Addon.xpi
2.12 KB, application/octet-stream
Details 
Hello,

The attached zip contains a sample of a malicious addon. It hijacks a victim's Facebook account and sends spam to their friends.

Thanks!
Facebook Security

MD5: a6bb9968142a2503566dc3ff79b3b7c5
Attached file SA_Addon.xpi 

    
    

    
  
ID: fplayer@adobe.flash

This add-on uses a misleading name and ID, which is enough for blocking it. However, all it really does is add a search engine pointing to yandex.com.tr. So, can you confirm the file matches what you're reporting?
Status: UNCONFIRMED → NEW
Ever confirmed: true

    
    

    
  
Blocked: https://addons.mozilla.org/en-US/firefox/blocked/i444
Assignee: nobody → jorge
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Target Milestone: --- → 2013-08-27
Product: addons.mozilla.org → Toolkit

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: