Hello,
I am the developer behind the addon referenced on this page:
https://addons.mozilla.org/fr/firefox/addon/cookie-quick-manager/
This addon is in development and is hosted on this GitHub page under GPL v3+ license:
Since a few days a copy appeared on AMO:
https://addons.mozilla.org/fr/firefox/addon/cookie-manager-pro/
The resemblance is obvious and the license is clearly not respected.
If the modifications were only a change of appearance, I could have have stopped there, but I decided to compare the codes. Apart from the removal of the French translations, I see this in the diff concerning the file ‘manifest.json’:
+ content_scripts": [
+ {
+ "matches": ["*://*/*"],
+ "js": ["background.js"]
+ }
+ ],
Command used:
diff -ru my_code/ its_code/ > diff. txt
Command to download this addon:
wget https://addons.mozilla.org/firefox/downloads/file/832938/cookies_manager_pro-1.0-an+fx.xpi
The file ‘background.js’ contains minified and obviously malicious code, which is not mine and inherits the permissions of my addon to access the content of all the pages visited by users.
What to do about this problem?
Thanks for reading me!