Browser extension hijacks Facebook profiles

Discussion in 'malware problems & news' started by ronjor, May 11, 2013.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,778
    Location:
    Texas
  2. guest

    guest Guest

    Is it hijacking legit extensions or is it an already malicious extension to begin with? :doubt: If it's the later then Google Store needs to be tightened up a bit (or a lot :argh: ).

    EDIT: I read it wrong. So now I'm wondering if the malicious extension is available on Google Store or installed from other websites. :doubt:
     
  3. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Funny article... They mention a malicious extension targeting Chrome and Firefox, yet they fail to mention how it installs in the first place.

    I'm not sure about Firefox (there's been sometime since I last tried it, and no longer recall if it warns the user about extensions trying to install), but Chromium/Chrome no longer allow installation of extensions outside of Chrome Web Store. So, either the user downloaded it from elsewhere and installed it, or the extension was in the Chrome Web Store and Google failed to prevent it. But, considering that Mozilla has a great extension vetting process, I believe the users had to download it elsewhere.

    The article does mention a link: -hxxp://u-pont.info/updates/<removed>/BL-chromebrasil.crx/xpi (Chrome and Firefox extensions respectively).

    Anyway, while something like this is always bad, it seems to me advertisement against Chrome and Firefox. But, hey... :blink:
     
  4. guest

    guest Guest

    There is a mystery that has not been solved to me until now. Does Chrome sandbox its extensions. That might be helpful for this kind of situation.

    Which one, The Blue E, The Red O, or The Compass of a Fruit? :D
     
  5. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
  6. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
  7. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    See also: -
    Facebook attacked with credential-harvesting malware
    http://www.cso.com.au/article/461848/facebook_attacked_credential-harvesting_malware/
     
Loading...
Thread Status:
Not open for further replies.