Rapicode, nultiple extensions, current versions, back door
Extensions affected are:-
- Rapi Content Ticker
- Rapi Content Carousel
- Rapi Cookie Consent
- Rapi Countdown
- Rapi Preloader
- Rapi Loading Progress Bar
- Rapi Page Animate
At the moment the back door seems to be loading mining code, it can be used to load arbitrary scripts or other content from the developer's site.
We suggest that the extensions be treated as malicious and uninstalled.
Note that their other extensions may be affected too, we have not had the opportunity to test them all. If you are using them we suggest checking the code for any curl request to cdn.rapicode.com, or using your browser tools to check for any unexpected scripts being loaded.