Browser extension systems risk exposing APIs, which are too permissive and cohesive with the browser's internal structure, leaving a hole for malicious developers to exploit security-critical functionality. We pre...
详细信息
Browser extension systems risk exposing APIs, which are too permissive and cohesive with the browser's internal structure, leaving a hole for malicious developers to exploit security-critical functionality. We present a botnet framework based on malicious browser extensions and provide an exhaustive range of attacks that can be launched in this framework.
暂无评论