"Malware Delivered via Malicious Pidgin Plugin, Signal Fork"

Threat actors have been delivering malware to users of instant messaging apps. They have used a malicious Pidgin plugin and an unofficial fork of the Signal app. On August 22, the Pidgin messaging app's developers informed users that they had discovered a malicious plugin called "ScreenShare-OTR (ss-otr)" on the official third-party plugins list. The plugin was found to include keylogging code. It also sent screenshots to its operators. This article continues to discuss findings regarding threat actors' delivery of malware through instant messaging apps.

SecurityWeek reports "Malware Delivered via Malicious Pidgin Plugin, Signal Fork"

Submitted by grigby1