The problem seems to exist in the vulnerable context of Electron development (Electron development framework).
However, according to the researcher Pavel TsakalidisThe Electron development framework is a very serious threat to application security.
We should note that the vulnerability discovered by the researcher does not exist in the applications themselves, but in Electron development framework used to create them. However, with the help of vulnerability, an attacker can very easily hide his malicious activity in legitimate processes.
See Proof of Concept
To modify libraries and extensions, the attacker must first obtain administrator privileges on Linux or MacOS systems. In the case of Windows, local access is sufficient.
By making changes to libraries and extensions, an attacker can create new "functions" that can access the file system, activate the webcam, and extract sensitive data (such as passwords) from the system using the function. reliable applications.
In the video above, Tsakalidis presents a PoC in Microsoft Visual Studio with a backdoor that sends inbound users to a remote site.
According to the researcher, he informed Electron of the vulnerability, but received no response while the problem still exists.