Malicious extensions. Block them.
Reported by
l2mad...@gmail.com,
Mar 16 2017
|
|||||
Issue descriptionUserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Steps to reproduce the problem: https://chrome.google.com/webstore/detail/unionmarket/dkkipfbdebjpkaloaacaggjclikldpck/reviews?hl=en https://chrome.google.com/webstore/detail/advastat/kboekomjjmngpgcafidjhggliigbajek/reviews?hl=en https://chrome.google.com/webstore/detail/aiomade/lepakgiipfgppjahfdehccpgeionjhmm/reviews?hl=en-GB https://chrome.google.com/webstore/detail/igxetools/gmolegidpdelamfeimmagfdgldkijjdn/reviews?hl=en What is the expected behavior? Virus extensions aimed at the site of the opskins. When you want to sell on the website, plugin sends you data about you on the server (on the fake one). Server creates the trade and sends you a response in html form and puts it on the website, so that you approve trade + it blocks the requests of opskins itself so that the trade (originaL) won't be sent to you. VIDEO https://www.youtube.com/watch?v=KKR0kx_To_M All these extensions operate on the same principle as on the video. Also, all data extensions are well-encrypted to avoid automatic virus checking. We ask for a ban. What went wrong? Also, all data extensions are well-encrypted to avoid automatic virus checking. We ask for a ban. WebStore page: https://chrome.google.com/webstore/detail/igxetools/gmolegidpdelamfeimmagfdgldkijjdn/reviews?hl=en Did this work before? No Chrome version: 56.0.2924.87 Channel: n/a OS Version: 10.0 Flash Version:
,
Mar 21 2017
Up
,
Mar 22 2017
l2madruu@ unable to open the links, which you provided.Getting 404 error. could you please provide a consistent manual repro steps to triage the issue from TE end. Thanks..
,
Mar 22 2017
https://chrome.google.com/webstore/detail/igxetools/gmolegidpdelamfeimmagfdgldkijjdn/reviews?hl=en https://chrome.google.com/webstore/detail/aiomade/lepakgiipfgppjahfdehccpgeionjhmm/reviews?hl=en-GB Everything opens for me. The rest of the links were blocked. Remained only these. Accelerate the free process How it works? 1. Install the extension 2. Go to opskins.com 3. Lay out the item for sale Instead of the opskins bot, the trade sends a fake bot that looks like this and steals the user's stuff. I recorded the video, the link above.
,
Mar 22 2017
Thank you for providing more feedback. Adding requester "sureshkumari@chromium.org" to the cc list and removing "Needs-Feedback" label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Mar 24 2017
Unable to reproduce the issue on windows 10 with chrome reported version-56.0.2924.87 , stable-57.0.2987.110 & Canary-59.0.3050.0 as per comment#5 and above provided video. Steps followed: --------------- 1. Installed above 2 extensions. on chrome 2. Navigated to opskins.com 3. Registered & logged in with valid credentials. 4. Registered in steamcommunity.com & logged in successfully 5. Selected items in opskins.com but unable to proceed further as it is seeking wallet amount Hence assining to MTV team to look into this issue. Adding "TE-NeedsTriageFromMTV" label . Please find the attached screencast for reference. Thank you!!
,
Mar 24 2017
Good day. Thanks for devoting your time. Extension only works under the condition if you sell something, meaning you have to have skins, which you can put up for sale. In this case you are trying to buy from the market which isn’t the same thing. We have made a video which demonstrates how the extension works. https://www.youtube.com/watch?v=KKR0kx_To_M If the extension is installed – instead of a good bot, you are sent a fake bot which steals your items. If the extension is not installed then after selection of items for selling on the website and pressing the button “add to website” you will receive a proper trade from official bot that belongs to opskins. If you need additional information we have sent a letter to your e-mail.
,
Mar 26 2018
Issue has not been modified or commented on in the last 365 days, please re-open or file a new bug if this is still an issue. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
|||||
►
Sign in to add a comment |
|||||
Comment 1 by ranjitkan@chromium.org
, Mar 21 2017