SquareX Ltd., a startup with a browser extension that can detect and block obfuscated malware, has raised $20 million in funding. SquareX’s browser extension promises to help enterprises protect employees from malicious websites, phishing campaigns and other online threats. The extension provides features for blocking so-called last mile reassembly attacks. Those are cyberattacks that disguise browser-borne malware by splitting it into multiple code snippets. Because the individual snippets are harmless on their own, they have a higher chance of evading detection by antivirus tools. The malware resembles itself after the code fragments are downloaded onto the user’s device. In some cases, last-mile reassembly attacks use LSB steganography to further complicate detection efforts. LSB steganography is a data storage method that can be used to encode malicious code into images, which often aren’t scanned by cybersecurity tools. Once a malware-laden image is downloaded by a user, a script extracts the malicious code and runs it. SquareX says that its browser extension can spot such attacks as well. According to SquareX, its browser extension removes macros from Office documents to delete any malicious code they may contain. When the extension blocks a malicious program, it sends the file to a cloud-based sandbox where administrators can study it. SquareX provides more than 20 malware analysis tools to ease the process. SquareX can be configured to block password sharing across applications, data entry into unauthorized applications and other risky practices. It’s also possible to create a list of approved browser extensions and automatically block plug-ins that are not on the list.