all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Malicious code in PDF Toolbox extension

Add to bookmarks
May 16, 2023, 2:41 p.m. |

Almost Secure palant.info

The PDF Toolbox extension for Google Chrome has more than 2 million users and an average rating of 4,2 in the Chrome Web Store. So I was rather surprised to discover obfuscated code in it that has apparently gone unnoticed for at least a year.


The code has been made to look like a legitimate extension API wrapper, merely with some convoluted logic on top. It takes a closer look to recognize unexpected functionality here, and quite some more effort …

chrome chrome web store code discover extension google google chrome malicious obfuscated pdf store web web store

Visit resource

More from palant.info / Almost Secure

Numerous vulnerabilities in Xunlei Accelerator application 2 months ago | palant.info
accelerator application china chrome +10
Implementing a “Share on Mastodon” button for a blog 6 months, 2 weeks ago | palant.info
articles blog button easier +11
A year after the disastrous breach, LastPass has not improved 8 months ago | palant.info
attackers breach community data +7
Chrome Sync privacy is still very bad 8 months, 1 week ago | palant.info
article bad chrome firefox +3
Why browser extension games need access to all websites 10 months, 3 weeks ago | palant.info
access browser browser extension browser extensions +12
Another cluster of potentially malicious Chrome extensions 11 months ago | palant.info
ad blockers called chrome chrome extensions +11
Introducing PCVARK and their malicious ad blockers 11 months ago | palant.info
adblock ad blocker ad blockers blocker +8
How malicious extensions hide running arbitrary code 11 months ago | palant.info
article avast chrome chrome web store +11
More malicious extensions in Chrome Web Store 11 months, 1 week ago | palant.info
article chrome chrome web store code +13

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Security Operations Engineer

@ Nokia | India
View on infosec-jobs.com

Machine Learning DevSecOps Engineer

@ Ford Motor Company | Mexico City, MEX, Mexico
View on infosec-jobs.com

Cybersecurity Defense Analyst 2

@ IDEMIA | Casablanca, MA, 20270
View on infosec-jobs.com

Executive, IT Security

@ CIMB | Cambodia
View on infosec-jobs.com

Cloud Security Architect - Microsoft (m/w/d)

@ Bertelsmann | Gütersloh, NW, DE, 33333
View on infosec-jobs.com

Senior Consultant, Cybersecurity - SOC

@ NielsenIQ | Chennai, India
View on infosec-jobs.com
View more jobs