Pidgin Users Beware! Malicious Plugin Discovered with Keylogger

Summary: The messaging client Pidgin has removed a malicious third-party plugin, “ss-otr,” after it was found to contain a keylogger that captured users’ keystrokes and screenshots. The incident has prompted Pidgin to implement stricter security measures for third-party plugins to protect its users.

Threat Actor: Unknown | unknown
Victim: Pidgin Users | Pidgin Users

Key Point :

  • The “ss-otr” plugin was flagged for suspicious behavior, including unauthorized screenshot capture.
  • Cybersecurity expert Johnny Xmas confirmed the presence of a keylogger in the plugin.
  • Pidgin has advised users to uninstall the plugin immediately to prevent further data compromise.
  • New security policies will require third-party plugins to adhere to OSI Approved Open Source Licenses.
  • The Pidgin team will enforce stricter due diligence on all plugins to ensure user safety.

In a recent and alarming development, the popular messaging client Pidgin has removed a third-party plugin, “ss-otr,” from its plugin list after it was discovered to contain a malicious keylogger. The plugin, which was added to Pidgin’s third-party plugins list on July 6th, was flagged by a user, 0xFFFC0000, on August 16th, who reported suspicious behavior, including the unauthorized capture and sharing of screenshots.

The Pidgin team acted swiftly, pulling the plugin from the list and launching a thorough investigation. On August 22nd, cybersecurity expert Johnny Xmas confirmed that the plugin was indeed equipped with a keylogger, a tool used to secretly record every keystroke made by a user, potentially exposing sensitive information such as passwords and private messages.

This discovery has raised significant concerns within the Pidgin community, as the plugin was available for over a month before its true nature was uncovered. The Pidgin team has strongly advised all users who installed the “ss-otr” plugin to uninstall it immediately to prevent further compromise.

In response to this breach, Pidgin has announced a new policy to strengthen the security of its ecosystem. Moving forward, all third-party plugins linked on Pidgin’s site must adhere to an OSI Approved Open Source License, and the Pidgin team will enforce a higher level of due diligence to ensure the safety and integrity of all plugins.

Related Posts:

Source: https://securityonline.info/pidgin-users-beware-malicious-plugin-discovered-with-keylogger