All these extensions had over 87 million downloads. However, inside this extension interesting “additional functionality” was discovered: the plugin accessed a serasearchtopcom site, from where it loaded arbitrary code on all pages viewed by the user," it continued.Īccording to the blog post, Palant found "a couple dozen" extensions on the Chrome Web Store accessing the same server. Once you paste the URL on its downloading bar, click the search icon to proceed with the URL analyzing. Open a new tab in the browser and go to XXXSave Downloader. "PDF Toolbox boasted an impressive user base and good reviews, with close to two million downloads and an average score of 4.2. First, go to Xhamster and copy the URL of the Xhamster video you wish to download and play locally instead of online. At first glance, it was a perfectly respectable plugin for converting Office documents and performing other simple operations with PDF files," said Kaspersky in the blog post. "It all began when cybersecurity researcher Vladimir Palant found an extension called PDF Toolbox containing suspicious code in the Chrome Web Store. Kaspersky Palant found an "additional functionality" Additional investigations turned up a total of 34 harmful extensions, each of which was advertised as performing a particular function.Īlthough the browser add-ons have already been taken down from the Chrome Web Store, Kaspersky is quick to stress that users should check the list of suspicious add-ons and take any harmful ones off their devices because they will still be present. The company's investigation was sparked by the discovery of the PDF Toolbox plugin, which allowed users to view any page and have any code placed on it.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |