Aug 26, 2024 at 12:40 PM

Pidgin removes malicious plugin containing keylogger and sharing screenshots

Pidgin, the popular multiprotocol chat program, recently discovered a malicious plugin named ss-otr that contained a keylogger and shared screenshots with unauthorized parties. The plugin was added to Pidgin's third-party plugins list on July 6th. On August 16th, a user reported the suspicious behavior, prompting Pidgin to quietly remove the plugin and initiate an investigation. By August 22nd, Pidgin confirmed the presence of the keylogger in the malicious plugin.

Users who installed the ss-otr plugin are advised to uninstall it immediately. The plugin's lack of source code and provision of only binaries went unnoticed initially. To prevent future incidents, Pidgin will now require all linked plugins to have an OSI Approved Open Source License and undergo a safety verification process.

Aug 26, 2024 by Paul

duttyend found this interesting

MORE ABOUT: #Instant Messengers #Video Calling Apps #Group Chat Apps #Pidgin

Pidgin

1520

Instant Messenger
Free • Open Source

Pidgin is an instant messaging program that allows you to log into multiple chat networks simultaneously. Rated 3.7, it supports various protocols, making it possible to chat with friends on XMPP while participating in IRC channels. Pidgin is highly extensible through plugins and extensions. Top alternatives include Element, Matrix.org, and Jitsi Desktop.

All news about Pidgin »

External links

Malicious plugin found in Pidgin
Pidgin • Official source

No comments so far, maybe you want to be first?