Opened 12 months ago

Closed 5 weeks ago

#77 closed FalseNegative (fixed)

Reported by: admin Owned by:
Priority: major Milestone: Release Candidate 1
Component: RPZ Version: 0.1
Severity: mild Keywords: spyware trackware malware


It has come to the daylight that several companies is recording and storing your credit card, username and password information without your knowledge or acceptance of this..

is include, but not limited to


By such huge leaks we simply have to block such bastard from the root domain level and up.

The following domains blocked by this ticket will be:


You can read more on this topic at:

  1. App Analysis: Air Canada on the
  2. Big-name travel apps may secretly record your iPhone screen, including credit card info on The Verge

We have by digging into one of the scripts in fellas don't joke around:

`{window._cls_config={reportURI:" 2F0C-2A18-F1B3-53935466C866/cls_report",recordMouseMoves:true,recordScrolls:true,idleEventTimeInterval:-1,maskList:["usaaNum"],interceptAjax:false,iframesAutoInject:false};}else`

Futhermore by going a big deeper on reveales that they use a number of generic domain to fetch the script:

you can find the unaltered detector-dom.min.js script at our

Attachments (0)

Change History (1)

Modify Ticket

as closed The ticket will remain with no owner.
The resolution will be deleted. Next status will be 'reopened'.

Add Comment

E-mail address and name can be saved in the Preferences .
Note: See TracTickets for help on using tickets.