| ||Someone is distributing fake versions of my app with malware|
185 points by Animats on Apr 10, 2015 | hide | past | web | favorite | 20 comments |
|I have a Firefox plug-in, "Ad Limiter". Recently, the number of users as logged by Mozilla's AMO site began to climb rapidly. When Firefox checks for updates daily, it reports the installed plug-ins to Mozilla, and Mozilla publishes those statistics.|
The rate of increase in users exceeds the number of downloads. At first I thought Mozilla's statistics system was broken. But that's not the problem.
Someone is apparently distributing some form of malware which seems to be impersonating Ad Limiter. They're using Ad Limiter's Mozilla AMO ID number, but a random version number. (Real version numbers are 1.3 to 2.0. Fake version numbers range from 2.17.71 to 1009.99.992. All bogus versions have three-number versions, while all legitimate versions have two-number versions.
All this is inferred from Firefox statistics logging. We haven't seen the actual malware yet. If anyone has a copy of Firefox with Ad Limiter installed, and the version isn't between 1.3 and 2.0, we'd really like to see it. Please save a copy of the Firefox add-ons directory before deleting the bogus add-on, and send a copy of the bogus add-on to "email@example.com". We want to see what this malware is doing in our name. Thanks.
| Apply to YC