Researchers at Socket uncovered 108 malicious Chrome extensions that steal user data and inject ads across web pages. The add-ons, downloaded about 20,000 times, send credentials, browsing data and identities to attacker-controlled servers. Several also steal Google account details, hijack Telegram sessions and open arbitrary URLs via built-in backdoors.
Cybersecurity researchers have discovered 108 malicious Google Chrome extensions that communicate with the same command-and-control (C2) infrastructure to steal user data and enable browser-level abuse.
The extensions inject ads and arbitrary JavaScript code into every web page visited by users. They were published under five distinct publisher identities: Yana Project, GameGen, SideGames, Rodeo Games, and InterAlt.
Collectively, the extensions amassed about 20,000 installs in the Chrome Web Store. All 108 extensions route stolen credentials, user identities, and browsing data to servers controlled by the same operator.
54 of the extensions steal Google account identity via OAuth2, capturing email, full name, profile picture URL, and Google account identifier when users click the sign-in button.
-
UPSSSC Vacancy: Recruitment for Platoon Commander and Block Organizer in UP Home Guards..
-
Unemployment Figures Rise in March; Youth Bear the Brunt—Are These Signs of an Economic Slowdown?
-
UPHESC Admit Card 2026: UP Assistant Professor Recruitment Exam Admit Card Released; Exam Scheduled for April 18–19..
-
Arts, Commerce, or Science—Which Stream Should a Student Choose Based on Their Class 10 Marks?
-
CBSE 10th Result 2026: How to Convert CBSE Class 10 CGPA to Percentage? Note Down the Correct Formula..
