Opened on 03/12/2015 at 10:38:59 PM
Closed on 11/10/2017 at 11:15:18 AM
Last modified on 10/08/2019 at 05:28:42 PM
#2137 closed defect (rejected)
malicious addon adding custom filters in ABP
Reported by: | mapx | Assignee: | |
---|---|---|---|
Priority: | Unknown | Milestone: | |
Module: | Adblock-Plus-for-Firefox | Keywords: | |
Cc: | trev, greiner | Blocked By: | |
Blocking: | Platform: | Firefox | |
Ready: | no | Confidential: | no |
Tester: | Unknown | Verified working: | no |
Review URL(s): |
Description (last modified by mapx)
Environment
firefox 36
ABP 2.6.8
How to reproduce
well, a user reported some exception filters were added as custom filters
https://adblockplus.org/forum/viewtopic.php?f=1&t=28742
After scanning with malwarebytes antimalware, adwcleaner, checking his addons ... it seems to be an addon which installed another addon (Adbeaver) which can add those filters !
see here about adbeaver as ...malicious addon (trojan :O )
https://addons.mozilla.org/EN-us/firefox/addon/adbeaver/reviews/662460/
As I knew "By default the Mozilla Firefox (and other) browsers will not allow local files to be accessed from a web based application", so, how did manage that addon writing custom filters ?
-something similar is reported here:
https://adblockplus.org/forum/viewtopic.php?f=1&t=28602
but I don't know if it's about a standalone program which simply can add some filters to patterns.ini or something else.
For example ace stream player adds to firefox the custom filter
@@||aceadsys.net
So, probably ... it's not only adbeaver addon but some other program (dll ...) installed together that addon ?!
Attachments (0)
Change History (8)
comment:3 Changed on 03/13/2015 at 06:46:43 PM by greiner
- Cc greiner added
comment:4 Changed on 05/20/2015 at 02:22:39 PM by philll
- Platform changed from Firefox/Firefox Mobile to Firefox
Made Firefox and Firefox mobile available as seperate platforms.
comment:5 Changed on 08/14/2015 at 06:19:49 PM by trev
- Tester set to Unknown
- Verified working unset
Actually, AdBeaver is merely using IAdblockPlus to read the data - it writes by messing with patterns.ini directly however. IMHO this is a violation of AMO's "no surprises" policy.
comment:6 Changed on 08/14/2015 at 06:29:41 PM by trev
Nope, not just messing with patterns.ini, also adding filters via IAdblockPlus. Either way something that AMO should take care of this.
comment:7 Changed on 11/10/2017 at 11:15:18 AM by trev
- Resolution set to rejected
- Status changed from new to closed
Mass-closing all bugs in Adblock Plus for Firefox module, the codebase of Adblock Plus 3.0 belongs into Platform and User-Interface modules. Old bugs are unlikely to still apply.
comment:8 Changed on 05/29/2019 at 09:06:01 AM by takken3
spam
All of that is correct:
Basically, AdBeaver is using our public API to add custom filters. But even if we didn't have that API they'd still be able to modify the behavior of Adblock Plus by other means since extensions on Firefox are much more capable than on other platforms.