and has obfuscated code for creating and loading 3rd party iframes. The former has the same source code as FVD Video Downloader, and even uses the same secret frame injection. The first extension is called Ummy Video Downloader. It turns out that the add-on uses obfuscated code for various purposes such as creating a secret iframe injection, including potentially loading third-party iframes, and may even be used to execute malicious commands remotely.He also discovered a couple of other malicious add-ons that are hosted on Mozilla's AMO. Update: Juraj has posted a detailed analysis of FVD Video Downloader on reddit. Even popular apps like 1Password were not spared from this drama, well at least the reviewers are treating everyone equally. He also pointed out that many developers have complained about Mozilla's add-on review process. EndĪccording to a comment by Juraj Mäsiar, the developer of Group Speed Dial, Mozilla gives a 14-day grace period for add-on developers to fix issues with their extension, failing which results in automatic removal of the plugin from the add-on store. Update: The BlockTube extension is available again. The add-on developer has resubmitted their extension for review after making some more changes to the code. The compressed text editor code was replaced, and the add-on was submitted for review, but Mozilla rejected it again for using the eval function. That is literally what the extension is designed to do, to block and filter content. It was related to the eval function which the add-on was using for blocking content on YouTube. The BlockTube extension has also been removed from Mozilla's add-on repository. Its developer explained that the reason given for the add-on's removal was because it contains "minified, concatenated or otherwise machine-generated code". You may use the add-on's functionality by installing a user script using Violentmonkey or a similar extension (FYI: Tampermonkey is no longer open source). The plugin's developer has mentioned that the extension was also removed from the Edge add-ons store for violating their terms of service, well at least here we know that there was a clear breach of the rules. An add-on called Age Restriction Bypass for YouTube, suffered the same fate.
Some users on reddit were discussing how Mozilla has been silently removing extensions recently. Is Mozilla striking add-on developers unfairly with its banhammer? That's odd, isn't it? How could an outdated add-on suddenly start acting weird? Perhaps something changed in the backend, maybe the servers used to trigger the download were being redirected to the malicious domain? That should be enough for banning the extension, as it would clearly be a violation of the terms and conditions set by the AMO.
I couldn't find it on the Chrome web store, but there were 3 or 4 extensions named Flash Video Downloader, including one that has an icon which looks similar to an add-on that was found to inject ads on websites a few years ago.įVD Video Downloader's last version was 1.32, and it was updated on January 16th, 2019. The developer's name is FV Video, you can take a look at the add-ons's icon in the screenshot. I managed to access a Google cached version of the FVD Video Downloader add-on's page. Jokes aside, I wanted to learn more about the add-on, since I had never used it.
Maybe Mozilla doesn't like those initials, eh? The add-on seems to be unrelated to FVD Speed Dial, which coincidentally was also banned by Mozilla. A day later, the FVD Video Downloader has been delisted from Mozilla's add-ons store. Several users raised similar complaints on Mozilla's community portal. A few others chimed in, saying they were facing the same problem, and that removing the add-on solved their issue. Once they disabled the add-on, the browser worked normally. The user eventually figured out the cause of the problem, an add-on called FVD Video Downloader. They explained that the browser would load web pages, but after a few seconds would redirect them to the questionable site. They were perplexed by the issue, had tried troubleshooting it, from clearing cookies and the cache, and even going to the extent of deleting Firefox's folders. The issue came to light yesterday, when a user reported that Firefox kept redirecting them to a tracking site called "CDNSURE". Mozilla bans the FVD Video Downloader extension
0 kommentar(er)
