Popular Chrome extensions hijacked by hackers in widespread cyberattack — 3.2 million at risk
When you buy through links on our articles, Future and its syndication partners may earn a commission.
Just like you should with the apps on your phone, you also want to periodically go through your browser extensions and check to see which ones you have installed and what permissions you've given them access to. The reason for this is that you could have a malicious extension (or even several) installed in your web browser and not even know it.
As reported by Notebookcheck, a number of popular extensions that enable things like dark mode and adblocking in Google's browser have been hijacked by hackers, putting 3.2 million Chrome users at risk.
Although a malicious extension might not sound as dangerous as a malicious app on your phone, we store all sorts of personal and sensitive data in our browsers. From our browsing history and cookies to passwords and even payment information, all of this data can be stolen and used against us by hackers in their attacks.
Here's everything you need to know about this latest batch of malicious extensions along with some tips and tricks on how you can protect your devices and your data.
As is often the case with campaigns like this one, all of the malicious extensions in question are utilities designed to improve your browsing experience. From add-ons for YouTube to emoji keyboards and adblockers, each one of these extensions likely seemed useful enough that the Chrome users who installed them didn't think twice before doing so.
One thing that did stand out to the security researchers at GitLab Threat Intelligence that discovered these malicious extensions though is the permissions they requested access to. For instance, all of these extensions use permissions that allow them to interact with any website a user visits but they also let them inject and execute code on web pages.
While all of the extensions listed below have since been removed from the Chrome Web Store, you will still need to manually delete them if they're currently installed in your browser:
Blipshot (one click full page screenshots)
Emojis - Emoji Keyboard
WAToolkit
Color Changer for YouTube
Video Effects for YouTube and Audio Enhancer
Themes for Chrome and YouTube™ Picture in Picture
Mike Adblock für Chrome | Chrome-Werbeblocker
Page Refresh
Wistia Video Downloader
Super Dark Mode
Emoji Keyboard Emojis for Chrome
Adblocker for Chrome - NoAds
Adblock for You
Adblock for Chrome
Nimble Capture
KProxy
Normally with malicious extensions or apps, they're made from the ground up with the sole purpose of stealing data and their advertised functionality is an afterthought or just tacked on so that they can be listed in an official store. With the extensions above though, this wasn't the case at all.
Instead, these were actual, legitimate extensions that went bad as a result of having malicious updates injected into them. The way in which the hackers gained control over these extensions is also a bit different.
While some of their developers fell victim to phishing attacks which led to their extensions being outright hijacked, others willingly transferred control of their extensions over to the hackers behind this campaign.
So what was the purpose behind gaining control of these extensions in the first place? Well, some were used to inject harmful scripts into the browsers of unsuspecting users, others stole their data and some engaged in search engine fraud to drive clicks (and ad revenue) to hacker-controlled sites.
If you have any of these extensions installed in Chrome, you should remove them immediately and use one of the best antivirus software solutions to scan your computer for signs of malware or other viruses.
In a similar way to how plug-ins can enhance your favorite software, browser extensions can make using the web more more convenient while also giving you the ability to customize certain aspects of your favorite sites.
The problem though is that few browser extensions aren't as big or as popular as the apps on your smartphone. In fact, many extensions are made by solo developers or smaller companies which can make it more difficult to tell whether or not they are legitimate. This is why you want to carefully examine all of the permissions an extension requests access to before installing it and especially before granting access to them.
Unnecessary permissions can be found in loads of extensions and apps which is why you need to ask yourself if this particular extension or software really needs access to them in the first place. The permissions an extension requests can also serve as a major red flag and help you decide whether or not it's malicious.
Reading reviews and looking at ratings can help weed out the bad ones but you also want to take both of these with a grain of salt since they can be faked. It may be difficult to find but it's always a good idea to look for an external review — or better yet a video review — on an extension you want to install first before you add it to your browser.
As I covered in the campaign described above, even good extensions can go bad which is why you should periodically audit which extensions you have installed in your browser. If you haven't used a particular extension in some time, it's better to remove it from your browser than to keep it installed. Likewise, by limiting the number of extensions you have installed, you can lower your chances of having a malicious one in your browser significantly.
Whether its extensions or apps, hackers and other cybercriminals aren't going to stop spreading malicious software anytime soon. This is why it's up to you to practice good cyber hygiene, limit how many you have installed and think carefully when granting a particular extension or app access to the permissions it requests upon installation.
Billions of Chrome users at risk from new browser-hijacking Syncjacking attack
Thousands of WordPress sites hijacked to spread Windows and Mac malware
More than 3.3 million people hit by employee screening data hack — what you need to know
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Yahoo
an hour ago
- Yahoo
Apple reportedly ditching its OS naming system for something more... confusing?
When you buy through links on our articles, Future and its syndication partners may earn a commission. Quick Summary Apple is set to rip up the copybook when it comes to the names of its new OS updates. Industry sources claim the next iOS will be called iOS 26. Apple's other operating systems will follow suit, it is said. If you own an Apple device you'll likely be au fait with the company's OS naming system. We're currently on variants of iOS 18, iPadOS 18, tvOS 18, etc, and iOS 19 and we're fully expecting iOS 19 and its equivalents to be announced during WWDC in a couple of weeks. However, it turns out we could be very wrong. It is claimed that Apple is set to shake-up the naming convention for the software coming to its best iPhones and other devices. And rather than simplify things, it could be more baffling than ever. Bloomberg's resident Apple expert, Mark Gurman, has reported that Apple will switch to yearly identifiers from this year's OS updates. However, much like EA does with its annual EA Sports games, it'll opt for the forthcoming year, not the current one. According to "people with knowledge of the matter", that means we'll get iOS 26, iPadOS 26, macOS 26, watchOS 26, tvOS 26 and visionOS 26 this year, while next year will see iOS 27 release, and so on. The software will be the same as the rumoured iOS 19, etc, but the name will be different. Of course, once we get into the swing of it, it'll make sense. And we get why Apple would want to use the proceeding year rather than current one, considering each OS is likely to release towards the end of 2025 (in September). However, it could make it particularly confusing when scanning through app compatibility, for example. The jump from 19 to 26 leaves quite a gap for the uninitiated. It's also been pointed out just how Samsung this all seems. Samsung has, since 2020, named its flagship Android phones after years – although as they launch in February or March, they use the current date. The Samsung Galaxy S25 family is the latest, therefore. It doesn't do so with its software though, with One UI 8 (based on Android 16) set to be its next big phone OS release. We'll find out more about the new naming structure on 9 June during during Apple's WWDC 25 opening keynote (or should that be 26?).
Yahoo
an hour ago
- Yahoo
Apple teases iOS redesign in WWDC 25 clip
When you buy through links on our articles, Future and its syndication partners may earn a commission. Quick Summary Apple's changes to iOS may be clearer after a new tease. We're expecting something inspired by the Apple Vision Pro. It's a jubilant time of year of year for Apple fans. The brand will be hosting its annual Worldwide Developers Conference (WWDC) on Monday 9th June. That event has historically played host to a wide range of new software and operating system-based goodies. The brand often utilises its opening keynote speech as a platform to introduce new software for every part of its portfolio. All of the rumours and leaks so far have pointed to a new design, which will take on the glass-like aesthetic seen in the Apple Vision Pro's VisionOS. And the latest teaser from the brand seems to support that theory. The WWDC website has been changed to offer a new tagline. That reads 'Sleek Peak' and is topped by an Apple logo which appears to be made from frosted glass. It should be an exciting update. Everything in the in the Apple catalogue from the Apple Watch to the iPad and the iPhone to the Mac is expected to receive the update, and we'd expect them all to make use of this theme in some way. I think that's a much needed update. The brand has always been known for sleek, classy and minimal designs, and this embodies that perfectly. Keeping the design consistent across all of its products would also help to tie the entire ecosystem together a little more. It's not the only big change expected either. Earlier rumours suggested that the brand is set to change the numbering convention of its software, to better align with the year. That means that we'll see all of the various operating systems released as xOS 26 this time out. There's not too much else to go on right now – Apple has always been pretty good at keeping things under wraps. Still, with less than a week to go before the show takes place, there's not much longer to wait for the news direct from the source.
Yahoo
an hour ago
- Yahoo
Your iPhone might not get iOS 26 – here are the models affected
When you buy through links on our articles, Future and its syndication partners may earn a commission. Quick Summary iOS 26 is coming as part of WWDC – but your iPhone may not be supported. And it's not just the phones being affected, either. With WWDC taking place next week, all eyes will be firmly on Apple as it debuts a range of new products and services. The show is normally used to showcase its next generation of software and operating systems for various devices. Naturally, the new iPhone operating system is set to be one of the most popular. With more and more people using one variant or another, there will be millions waiting to see what's on offer. Still, while some are excited about the new features coming to their handset, others will be waiting with baited breath to see if their device is still supported. Apple often makes certain models obsolete with new OS releases, though there's no real rhyme or reason to it. Now, a new report suggests that three iPhones could miss out on the iOS 26 software. Those are the iPhone XS, the iPhone XS Max and the iPhone XR. Those handsets were released back in 2018, so it shouldn't come as too much of a surprise. It's not just the iPhone range which looks set to lose some supported devices, either. The iPad range is also trimming some fat – though it's only the 7th Gen iPad expected to go there. MacOS 26 is rumoured to involve the most casualties, with the 2020 Intel-powered MacBook Air models, 2018 MacBook Pro's, the 2018 Mac Mini and the 2017 iMac Pro all set to face the chopping block. Three of those four shouldn't come as much surprise, but the inclusion of the Intel-powered 2020 MacBook Air models will likely raise some eyebrows. Of course, just because a device is supported also doesn't guarantee it will be feature-filled. We've already seen a number of iPhones launched in the not-too-distant past which support the broader iOS, but can't get features like Apple Intelligence. Still, for those who have kept their devices up to date, this should provide an interesting suite of options.
