Browser Extension Malware presented at Security B-Sides Denver 2010

by Tim Skorick (Red Rock Security),

Tags: Malware Security

Summary : In an age in which the PC exists almost exclusively for web use whether at work or at home, malware authors no longer have to puzzle how to trojan a computer: the browser offers fewer impediments, has an API that publishes every object they could possible want to hook, and contains the user's entire work and play experience. Add to that varying failures in client-side or enterprise-level controls and you have the perfect breeding ground for a growing species of malware.