Mar 03, 2025 02:23 PM IST
Are you using any of these Chrome extensions? You might want to safeguard your privacy and data.
If you actively use Google Chrome extensions, this news might be concerning for you. Researchers have discovered that attackers have successfully infiltrated a slew of already trusted extensions, making them dangerous. In total, 16 extensions have been identified as posing potential security risks. These include ad blockers and emoji extensions, among others.
Which Chrome extensions are affected?
Here is the list of all compromised Chrome extensions, as identified by a report by GitLab Security (via Notebookcheck).
- Blipshot
- Emojis Emoji Keyboard
- Color Changer for YouTube
- Video Effects for YouTube and Audio Enhancer
- Themes for Chrome and YouTube Picture in Picture
- Mike Adblock für Chrome
- Page Refresh
- Wistia Video Downloader
- Super Dark Mode
- Emoji Keyboard Emojis for Chrome
- Adblocker for Chrome (NoAds)
- Adblock for You
- Adblock for Chrome
- Nimble Capture
- KProxy
- WAToolKit
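To check a machine against this list, the following added example (not part of the original article or the GitLab report) scans a Chrome profile's `Extensions` folder and reports installed extensions whose display name matches one of the 16 names above. It assumes matching by display name, since the article gives no extension IDs, and it resolves localized `__MSG_...__` names from the extension's default locale.

```python
import json
import sys
from pathlib import Path

# Display names as listed in the article; it gives no extension IDs.
FLAGGED = [
    "Blipshot", "Emojis Emoji Keyboard", "Color Changer for YouTube",
    "Video Effects for YouTube and Audio Enhancer",
    "Themes for Chrome and YouTube Picture in Picture",
    "Mike Adblock für Chrome", "Page Refresh", "Wistia Video Downloader",
    "Super Dark Mode", "Emoji Keyboard Emojis for Chrome",
    "Adblocker for Chrome (NoAds)", "Adblock for You", "Adblock for Chrome",
    "Nimble Capture", "KProxy", "WAToolKit",
]

def _norm(name):
    """Case-fold and collapse whitespace so cosmetic differences still match."""
    return " ".join(name.casefold().split())

FLAGGED_NORM = {_norm(n) for n in FLAGGED}

def display_name(version_dir):
    """Read manifest.json and resolve a localized __MSG_key__ name if present."""
    manifest = json.loads((version_dir / "manifest.json").read_text(encoding="utf-8-sig"))
    name = manifest.get("name", "")
    if name.startswith("__MSG_") and name.endswith("__"):
        key = name[6:-2].casefold()  # message keys are case-insensitive
        locale = manifest.get("default_locale", "en")
        path = version_dir / "_locales" / locale / "messages.json"
        messages = json.loads(path.read_text(encoding="utf-8-sig"))
        for k, v in messages.items():
            if k.casefold() == key:
                return v.get("message", name)
    return name

def find_flagged(extensions_dir):
    """Return (extension_id, version, name) for installed extensions on the list."""
    hits = []
    for manifest in sorted(Path(extensions_dir).glob("*/*/manifest.json")):
        version_dir = manifest.parent
        try:
            name = display_name(version_dir)
            if _norm(name) in FLAGGED_NORM:
                hits.append((version_dir.parent.name, version_dir.name, name))
        except (OSError, ValueError, AttributeError):
            continue  # unreadable or malformed extension folder; skip it
    return hits

if __name__ == "__main__":
    # Argument: the profile's Extensions folder, laid out as <id>/<version>/manifest.json
    for ext_id, version, name in find_flagged(sys.argv[1]):
        print(f"{ext_id}  {version}  {name}")
```

A name match only marks an extension for review: unrelated extensions can share a name, and the article does not say which versions carried the malicious updates.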
What really happened?
The attack was reportedly executed using compromised developer accounts. Some developers were tricked into transferring control of their developer consoles to hackers, which allowed the attackers to modify these extensions and push malicious updates.
The research notes also indicate that the attackers used complex multi-stage attacks to weaken browser security. They then injected content, bypassed browser security measures, and concealed dangerous code outside of the extensions.
GitLab also found that it was able to partially reproduce the attack chain. This attack is associated with phishing kit development and distribution, presenting a significant risk of sensitive information leakage.
“This campaign is a sophisticated attack on users’ web browsers, conducted at a huge scale. This type of activity presents an important threat to organizations because we transmit so much sensitive information through web browsers,” GitLab said.
It added, “Moreover, in-browser attacks are difficult for endpoint security tools to detect because artifacts are ephemeral, buried inside browser memory and transmitted almost instantaneously to maintain user experience.”