A cautionary alert has been issued regarding the security of Google’s widely-used Chrome web browser. Malicious extensions have been discovered that could potentially enable hackers to monitor users’ online activities and access sensitive personal information.
These rogue extensions were identified by the Koi Security team and employ a deceptive technique to evade detection initially. Despite appearing clean upon download, they later inject spyware to steal data post-installation.
The scale of this threat is significant, affecting an estimated 2 million individuals. A total of 18 Chrome extensions have been identified as carrying malware, some of which received positive reviews and were available on Google’s Chrome store. Among these extensions are emoji keyboards, weather services, YouTube enhancements, and more.
The list of compromised extensions includes various tools for both Chrome and Edge browsers, such as emoji keyboard online, free weather forecast, unlock Discord, dark theme, volume max, unblock TikTok, and more.
Users are advised to take immediate action if they suspect they have installed any of the mentioned extensions. Malwarebytes recommends clearing browsing data promptly to eliminate any stolen tracking identifiers or session tokens. Additionally, users should monitor account activity, enable two-factor authentication, and reset browser settings to default to reverse any unauthorized modifications made by the extensions.
Google has confirmed the removal of all affected extensions, ensuring new users are not at risk of infection.