[Guest]

Just a heads up for those sys admins who might be using the IE Tab Plus (3.6+) in a corporate enviroment (lan/intranets/webguis etc)
or you just value your security and privacy,
the current update being pushed out for this Firefox Addon is also installing without notice
components that capture all URLs/refferers visited as well as numerous other user statistics and
transmit them back to superfish dot com via a hidden https XSS request (3600000ms)

if you have these files in your profiles extensions subdirectories located in
\yourFFprofiledirectory\extensions\ietab@ip.cn\components

nsSuperfishComponent.js (5.4k)
nsSuperfishProgressListener.js (15.7k)
nsSuperfishStatistics.js (16.5K)
nsSuperfishUtils.js (60.8k)

then you have the spyware installed

and a few users who have also spotted this security risk
https://addons.mozilla.org/en-US/firefo ... ws/?page=1

there is a patched version (Lastest release v1.95.20100930 (Clean version, NO Window Shopper plugin)) which is without this spyware here
http://coralietab.mozdev.org/installation.html

but this version isn't currently being pushed out via mozilla addon updates , the spyware one is! (cant find any way of reporting any malicious addons to mozilla?)
if you have this addon and have automatically updated in the last few days/weeks you most probably have this

suggest Administrators either uninstall it completely and use a more trustworthy alternative (eg. IE Tab 2) or update manually to the newer version from the mozdev url above

An-Admin

[Gingerbread Man]

cant find any way of reporting any malicious addons to mozilla?

• Bug writing guidelines
• Mozilla Add-ons Forum

I suggest you ask on the aforementioned forum before filing a bug report, considering that the extension is hosted by the author and such extensions are not reviewed by Mozilla. Whoops. I was looking at the wrong extension page.

[Alan Baxter]

the extension is hosted by the author and such extensions are not reviewed by Mozilla.

Why do you say that? It has a green "Add to Firefox" button on IE Tab Plus (FF 3.6+) :: Add-ons for Firefox and IE Tab Plus (FF 3.6+) :: Versions :: Add-ons for Firefox. An extension that hasn't been reviewed has a brown button which explicitly states that it hasn't been reviewed by AMO. That extension doesn't appear to be self-hosted either. The "Add to Firefox" button links to https://addons.mozilla.org/en-US/firefo ... latest.xpi

[L.A.R. Grizzly]

there is a patched version (Lastest release v1.95.20100930 (Clean version, NO Window Shopper plugin)) which is without this spyware here
http://coralietab.mozdev.org/installation.html

I've also noticed that after uninstalling the adware version and installing the clean version, the adware preference panel still shows up. You need to delete the Firefox cache folder to completely get rid of the adware version.

Delete this folder:

WinXP:

Documents and Settings\<username>\Local Settings\Application Data\Mozilla <delete this folder

[GTryder]

the current update being pushed out for this Firefox Addon is also installing without notice
components that capture all URLs/refferers visited as well as numerous other user statistics and
transmit them back to superfish dot com via a hidden https XSS request

The NoScript extension has a feature for Anti-XSS protection.

[Guest]

If the FF community doesn't find a way to police this all FF add-ons and FF itself will get a bad reputation among consumers.

But it isn't just consumers FF has to worry about.

The security industry rule for legitimate software is that no hidden add-ons are allowed to be bundled, that each bundled product be approved of by the user. It is okay to not permit an unbundled installation, but the consumer must concent to the each bundled part.

Otherwise AV software can report it as malware.

You see this rule implemented when you install Java or Flashplayer.

[keith2468a]

I had the no-malware IE Tab installed.

It automatically updated to the malware IE Tab when the next version automatically installed.

So installing the no-malware IE Tab is not a solution, because it just switches you to the malware version when an update occurs.

[keith2468a]

It would greatly speed up dealing with problem add-ons (intentional or malware, bad coding or bundled) if the FF Add-on manager generated a log of add-on installs, updates, disables and uninstalls.

I'm thinking that would just be a few lines of code, and low overhead since it would only be executed when changes occur.

I've made the suggestion to Hendrix here:
https://support.mozilla.com/en-US/questions/759016

[thinkOfANumber]

No version of IE Tab will ever be a solution, because the developer has proven himself to be a criminal and has lost all trust. Do you really want to install software provided to you by a guy that intentionally allowed third party spammers to steal your information and time without your consent?

It would make as much sense as catching a burglar in your home and then inviting him to babysit your kids.

The guy should be trialed and sentenced like any other petty criminal.

[LoudNoise]

thinkOfANumber-

Kindly tone down the passion or at least the rhetoric.

[Daifne]

Also, you need to be clear about the extension being discussed here. IE Tab died a while ago. IE Tab 2 and IE Tab Plus came out to fill the gap. IE Tab 2 has never had an issue. The one being discussed here is IE Tab Plus. All three different extensions.

[ron111]

Go to ie tab plus options, select basic mode. Should take care of it. The latest build of ie tab plus asks about installing this shopper feature. It check marks the box to enable it unless you select basic mode.

Run the "A2 Anti-Malware" free version and run it to make sure there's no spam. It's very good at finding all kinds of junk.

[Guest]

Why is there no "report spyware/malicious extension" button on the addons.mozilla.org page?

[LoudNoise]

You would need to take this up with AMO (Add-ons Mozilla.org)

[Tony-E]

Why is there no "report spyware/malicious extension" button on the addons.mozilla.org page?

You could ask about that in the AMO Feedback section of the Mozilla add-ons forum - https://forums.addons.mozilla.org/viewforum.php?f=20