Mikkel Christensen
More than 100 Chrome extensions have been flagged as malicious, with researchers warning they may have exposed sensitive data from thousands of users.
More than 100 Chrome extensions have been flagged as malicious, with researchers warning they may have exposed sensitive data from thousands of users.
The tools appeared legitimate but were quietly running harmful code in the background.
According to BGR, citing a report by Socket, around 20,000 users may have been affected through extensions distributed via the Chrome Web Store.
Widespread threat
The report identified 108 extensions disguised as games, utilities and social media tools, some with over 1,000 downloads.
These add-ons used browser permissions and APIs to inject malicious scripts into websites, enabling data collection and ad manipulation without users’ knowledge.
Coordinated operation
Researchers found the extensions were linked through a shared backend system, pointing to a single coordinated campaign.
Rather than isolated apps, the network relied on a central command-and-control server, allowing operators to manage stolen data across all extensions.
Data at risk
Some extensions targeted Google account data, including unique identifiers that can be used to track users across services.
Others created persistent browser access or repeatedly captured Telegram session data, increasing the risk of account compromise over time.
Growing concern
While Google has been alerted, some extensions were still active at the time of reporting, raising concerns about platform oversight.
Experts advise users to regularly review installed extensions, remove unfamiliar ones, and limit permissions to reduce exposure to similar threats.
Sources: BGR, Socket
