Issue metadata
Sign in to add a comment
|
Viruses in extensions. People lose money.
Reported by
l2mad...@gmail.com,
Mar 8 2017
|
||||||||||||||||||||||
Issue descriptionUserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Steps to reproduce the problem: 1.https://chrome.google.com/webstore/detail/uniontrade/njlpjhpiacdkmgpigeaelamkfadhipkd 2. https://chrome.google.com/webstore/detail/ta/iokhmekjclbaieflhfpdnkfkiglfkjbi?hl=en-US 3. https://chrome.google.com/webstore/detail/everymarket/iipipehombcckponnfapjfhkadkccehh?hl=ru What is the expected behavior? Data spreads malicious, please block them! They wind up reviews and use fake ratings. Their code contains a special script, which instead of a real bot, sends a bot fake. And people lose a lot of money every day. We also sent an email to James Wagner, please, let him read =) What went wrong? Data spreads malicious, please block them! They wind up reviews and use fake ratings. Their code contains a special script, which instead of a real bot, sends a bot fake. And people lose a lot of money every day. We also sent an email to James Wagner, please, let him read =) WebStore page: https://chrome.google.com/webstore/detail/uniontrade/njlpjhpiacdkmgpigeaelamkfadhipkd Did this work before? Yes Chrome version: 56.0.2924.87 Channel: stable OS Version: 10.0 Flash Version:
,
Mar 8 2017
Unable to reproduce the issue on Windows 7 using chrome version 56.0.2924.87.Able to add the Union trade extension and not observed any malicious after adding. l2madruu@ Please provide us the details what the exact issue you are facing with this extension and expected behaviour.If possible provide us the screen cast for better understanding the issue. Thanks,
,
Mar 8 2017
Thank you for providing more feedback. Adding requester "kavvaru@chromium.org" to the cc list and removing "Needs-Feedback" label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Mar 10 2017
Thanks for the video. Could any one from extensions team please look into this issue. Thanks,
,
Mar 10 2017
,
Mar 10 2017
Found. Have deciphered. Found a malicious code. We removed the video. Waited for a response from the support of Google Chrome all this for 1 day. Wait for the lock extensions - infinity.
,
Mar 10 2017
Both extensions have parts of source JavaScript code intentionally obfuscated which can be seen by inspecting the CRX file. I didn't install them though but the very fact of obfuscation looks suspicious. I don't understand why Chrome WebStore doesn't have automatic filters to detect and block extensions with obfuscated code. Or maybe those filters are outdated and need periodic facelifts.
,
Mar 10 2017
Reporter, use "report abuse" link on the extension page: two of the 4 reported extensions are already removed.
,
Mar 10 2017
Bro. At them this function does not work. Report system is the worst development.
,
Mar 10 2017
I've used "report abuse" several times, it works, but it takes time. Maybe they have some threshold so that a human looks at the extension once it was reported like three times (guessing).
,
Mar 15 2018
Issue has not been modified or commented on in the last 365 days, please re-open or file a new bug if this is still an issue. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
|||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||
Comment 1 by nyerramilli@chromium.org
, Mar 8 2017