Google has blocked a plugin what to do?

[rdbox]

opened the browser and I got a message plugin blocked because it contains dangerous software

as well as removed and the Google webstore store

[tallpeak]

Me too; it says "This extension contains malware."

My two guesses, so far, for why Google finds it suspicious:

• handling of keystroke events in dnd.js
• injecting ads into the user's page? If I understand the code...also in dnd.js

[rsparkyc]

Yep, I just got this too. I also don't see a way to force it to run, but I honestly haven't used this in a long time.

[PlanterPlant]

There is also this: https://bugzilla.mozilla.org/show_bug.cgi?id=1633390 which says that it is "executing remote code" which is against Firefox's rules.

Beyond that, I'm curious to know exactly in what way this is malware, what code was being executed, if that was an actual malware issue or just a rule that was broken but harmless, and if there's anything that users should do as a precaution.

[KENNYSOFT]

Maybe this one is build from code in here: https://chrome.google.com/webstore/detail/view-xml/geikflidhgdlfgmfoheimkibmodlipeh

[michaelblyons]

Executes remote code: this?

https://github.com/Samirla/xmlview/blob/f2cc936d31cb59efd6a79b05dd992dab3c1d09fb/extensions/chrome/controller.js#L6

[keithdtyler]

https://github.com/Samirla/xmlview/commit/e3ad3d454f4ffaae902dfeddfe1c3c82ca90b61c