Millions face privacy breach after malicious browser extensions spread
- Replies 4
If you’re like most of us, you probably rely on your web browser for everything these days—catching up on news, checking your bank balance, chatting with the grandkids, and maybe even a cheeky bit of online shopping.
But what if we told you that something as simple as a browser extension could be quietly spying on you, tracking your every move, and even putting your personal information at risk?
That’s exactly what’s happened to millions of people around the world, including right here in Australia, thanks to a recent discovery by cybersecurity researchers.
They’ve uncovered a sneaky campaign involving 18 browser extensions—available through the official Chrome and Edge web stores—secretly tracking users’ online behaviour.
The total number of installs? Over two million. Yikes!
These weren’t dodgy downloads from the dark corners of the internet.
These extensions looked perfectly legitimate, offering handy features like weather updates, emoji keyboards, and even dark mode for your browser.
They had glowing reviews, shiny verification badges, and the web stores themselves even featured some.
But here’s the catch: cybercriminals have figured out a clever trick. They start by releasing a clean, innocent extension—what some experts call a 'sleeper agent.'
It works as advertised, builds up a good reputation, and then, after months or even years, the bad guys push out an update that quietly adds malicious code.
Suddenly, your trusty extension is up to no good.
Once 'activated,' these extensions would spring into action every time you visited a new website. Here’s what they did:
You download it, thinking you’re being safe, but you’ve just installed even more malware. Suddenly, your device—and all your info—could be completely compromised.
Most of the malicious extensions have now been removed from the webstores, but if you installed one before it was taken down, you could still be at risk.
And while we always recommend sticking to official webstores for your downloads, this incident proves that even 'safe' sources aren’t foolproof.
First, check your browser for these extensions. Here’s the list of the main offenders:
Chrome Extensions:
It’s always better to be safe than sorry. This incident is a timely reminder that even the most tech-savvy among us can fall victim to online scams.
Have you ever had a dodgy extension sneak onto your computer? Or maybe you’ve got a tip for staying safe online? Share your stories and advice in the comments below—let’s help each other stay one step ahead of the cyber crooks!
Read more: Web browser users face urgent security risk as millions warned to remove dangerous extensions
But what if we told you that something as simple as a browser extension could be quietly spying on you, tracking your every move, and even putting your personal information at risk?
That’s exactly what’s happened to millions of people around the world, including right here in Australia, thanks to a recent discovery by cybersecurity researchers.
They’ve uncovered a sneaky campaign involving 18 browser extensions—available through the official Chrome and Edge web stores—secretly tracking users’ online behaviour.
The total number of installs? Over two million. Yikes!
Over two million users get spied on by 18 malicious Chrome and Edge extensions that track activity and hijack sessions. Credit: Depositphotos
These weren’t dodgy downloads from the dark corners of the internet.
These extensions looked perfectly legitimate, offering handy features like weather updates, emoji keyboards, and even dark mode for your browser.
They had glowing reviews, shiny verification badges, and the web stores themselves even featured some.
But here’s the catch: cybercriminals have figured out a clever trick. They start by releasing a clean, innocent extension—what some experts call a 'sleeper agent.'
It works as advertised, builds up a good reputation, and then, after months or even years, the bad guys push out an update that quietly adds malicious code.
Suddenly, your trusty extension is up to no good.
Once 'activated,' these extensions would spring into action every time you visited a new website. Here’s what they did:
- Captured the URL of every page you visited.
- Sent that information, along with a unique ID to track you, to a remote server.
- Waited for instructions from the cybercriminals’ command centre.
- If told to do so, redirected you to a different website—sometimes a fake version of a real site.
You download it, thinking you’re being safe, but you’ve just installed even more malware. Suddenly, your device—and all your info—could be completely compromised.
Most of the malicious extensions have now been removed from the webstores, but if you installed one before it was taken down, you could still be at risk.
And while we always recommend sticking to official webstores for your downloads, this incident proves that even 'safe' sources aren’t foolproof.
First, check your browser for these extensions. Here’s the list of the main offenders:
Chrome Extensions:
- Emoji keyboard online
- Free Weather Forecast
- Unlock Discord
- Dark Theme
- Volume Max
- Unblock TikTok
- Unlock YouTube VPN
- Geco colorpick
- Weather
- Unlock TikTok
- Volume Booster
- Web Sound Equalizer
- Header Value
- Flash Player
- Youtube Unblocked
- SearchGPT
- Unlock Discord
It’s always better to be safe than sorry. This incident is a timely reminder that even the most tech-savvy among us can fall victim to online scams.
Read more: Web browser users face urgent security risk as millions warned to remove dangerous extensions
.png){kind=icon}
