all InfoSec news
Malicious code in PDF Toolbox extension
May 16, 2023, 2:41 p.m. |
Almost Secure palant.info
The PDF Toolbox extension for Google Chrome has more than 2 million users and an average rating of 4,2 in the Chrome Web Store. So I was rather surprised to discover obfuscated code in it that has apparently gone unnoticed for at least a year.
The code has been made to look like a legitimate extension API wrapper, merely with some convoluted logic on top. It takes a closer look to recognize unexpected functionality here, and quite some more effort …
chrome chrome web store code discover extension google google chrome malicious obfuscated pdf store web web store
More from palant.info / Almost Secure
Implementing a “Share on Mastodon” button for a blog
6 months, 2 weeks ago |
palant.info
Chrome Sync privacy is still very bad
8 months, 1 week ago |
palant.info
Why browser extension games need access to all websites
10 months, 3 weeks ago |
palant.info
More malicious extensions in Chrome Web Store
11 months, 1 week ago |
palant.info
Jobs in InfoSec / Cybersecurity
Security Operations Engineer
@ Nokia | India
Machine Learning DevSecOps Engineer
@ Ford Motor Company | Mexico City, MEX, Mexico
Cybersecurity Defense Analyst 2
@ IDEMIA | Casablanca, MA, 20270
Executive, IT Security
@ CIMB | Cambodia
Cloud Security Architect - Microsoft (m/w/d)
@ Bertelsmann | Gütersloh, NW, DE, 33333
Senior Consultant, Cybersecurity - SOC
@ NielsenIQ | Chennai, India