Rootkits for JavaScript environments



FREE-DOWNLOAD B Adida, A Barth… – … of the 3rd USENIX conference on …, 2009
A number of commercial cloud-based password managers use bookmarklets to automatically
populate and submit login forms. Unfortunately, an attacker web site can maliciously alter the
JavaScript environment and, when the login bookmarklet is invoked, steal the user’s .