Malware script detector detected Firefox Malware Exploiter via chrome protocol on htxps://accounts.google.com/ServiceLogin?service=devconsole&passive=1209600&continue=https%3A%2F%2Fcode.google.com%2Fapis%2Fconsole%2F&followup=https%3A%2F%2Fcode.google.com%2Fapis%2Fconsole%2F

Script is blocked, but where does this threat stem from? Anyone?
This was detected in Google Chrome Sandbox Version, see: http://userscripts-mirror.org/scripts/review/30284
Is this abused for DNS rebinding attacks when a default password is used?

An extension that is suspect as an AVG attack tool may be Crunch.
Is it this install where it comes from?

polonus

Attack is long existing, read: https://blog.mozilla.org/security/2008/01/22/chrome-protocol-directory-traversal/

polonus

With these blocked no alert: Blocked:

ssl.gstatic.com - Whitelist
htxps://ssl.gstatic.com/chrome/components/doodle-notifier-02.html
www.gstatic.com - Whitelist
htxps://www.gstatic.com/og/_/js/k=og.og.en_US.-QToZkIwAFc.O/rt=j/t=zcms/m=ld,sy57,d,sy72,gl,is,id,nb,nw,sb,sd,st,awd,sy64,p,vd,lod,eld,ip,dp,cpd/rs=AItRSTMkxB8bzdEYwDq2Se-yBGk9BxSa9A

polonus