[Owasp-board] OWASP tied to trojaned Firefox Add-on
tomb at owasp.org
Thu Jul 15 19:03:00 UTC 2010
they are talking about
On Thu, Jul 15, 2010 at 2:59 PM, Matt Tesauro <matt.tesauro at owasp.org> wrote:
> Can you look though your list of people who have started OWASP projects
> and see if this is an official OWASP project?
> If so, please reach out to the project leader and let them know about
> the situation. Hopefully, they can update their Firefox Add-on
> collection quickly.
> "I was giving the OWASP Firefox Security Collection a try, installed a
> bundle of extensions unknown to me ..."
> Apparently the trojaned Add-on looked for any submitted login
> credentials and submitted them to a specific IP along with the URL and
> some other meta-data.
> -- Matt Tesauro
> OWASP Board Member
> OWASP Live CD Project Lead
> http://AppSecLive.org - Community and Download site
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
More information about the Owasp-board