Now that I read more about your app I can see why criminals would want to subver... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		redwards510 on April 10, 2015 \| parent \| context \| favorite \| on: Someone is distributing fake versions of my app wi... Now that I read more about your app I can see why criminals would want to subvert it. You are replacing the top (ad) search result on every search engine with one that has been verified by sitetruth.com. If I were a criminal I would love to slightly modify your code to point to my own ad server, thus letting me earn affiliate bucks. Then install the addon via drive-by download. The users wouldn't remember installing it, but they might not remove it either, due to the pleasant-sounding name.

_asummers on April 11, 2015 | [–]

Is this not the same vector used for the GitHub DDOS, just in a slightly different form?

kokozom on April 11, 2015 | [–]

Maybe installation was done by Firefox add-on updates?

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact