原文刊載於 Mozilla Blog
Add-on security vulnerability announcement引言回覆:
An add-on called “Mozilla Sniffer” was uploaded on June 6th to addons.mozilla.org. It was discovered that this add-on contains code that intercepts login data submitted to any website, and sends this data to a remote location. Upon discovery on July 12th, the add-on was disabled and added to the blocklist, which will prompt the add-on to be uninstalled for all current users.
…
一個名為 "Mozilla Sniffer" 的擴充套件在六月六日被上傳到 addons.mozilla.org,這款擴充套件被發現包含了惡意程式碼,會竊取用戶的帳號資料並傳送到任何其他站台;此套件已於七月十二日被下架並加入黑名單中,已經安裝的用戶將會被提示解安裝。
這玩意兒被下載了大約一千八百次,俺是其中一個… -_-"
--
下次安裝實驗性套件前,最好先看一下程式碼。(話說 Fasterfox 也實驗超久的)
登入
註冊
問答集
搜尋
