The infamous Light Mode vs Dark Mode battle has been waging for some time... I've always been a Dark Mode person, but now, I think I might be changing sides. A PDF Dark Mode converter extension I've used for some time turned out to be malicious, so I set out to determine how this happened and how I can prevent it from happening again.

Use Snyk for free to find and fix security issues in your applications today! https://snyk.co/ugLYn

✍️ Resources ✍️

• Palant Blog Post: https://palant.info/2024/10/30/the-karma-connection-in-chrome-web-store/
• DarkPDF GitHub Issue: https://github.com/ArshSB/DarkPDF
• Snyk Supply Chain Security: https://snyk.co/supply-chain-attacks

⏲️ Chapters ⏲️

00:00 - Why I Use Dark Mode

00:57 - How it happened

03:03 - Finding the cause of the malware

04:32 - So what was it doing?

05:39 - Analysing the malware's code

09:48 - What should I do?

09:58 - What should I ACTUALLY do?

11:56 - Outro

⚒️ About Snyk ⚒️

Snyk helps you find and fix vulnerabilities in your code, open-source dependencies, containers, infrastructure-as-code, software pipelines, IDEs, and more! Move fast, stay secure.

Learn more about Snyk: https://snyk.co/ugLYl

📱 Connect with Us 📱

🖥️ Website: https://snyk.co/ugLYl
🐦 X: http://twitter.com/snyksec
💼 LinkedIn: https://www.linkedin.com/company/snyk
💬 Discord: https://discord.gg/devsecops-community-918181751526948884

• ️ Subscribe: https://www.youtube.com/c/SnykSec
• 🔥 We're hiring! Check our open roles: https://snyk.co/ugLYp

🔗 Hashtags 🔗

#DevSecOps #darkmode #supplychain