CyberSecurityBoard
Sponsor Register Login

131 Chrome Extensions Caught Hijacking Web Traffic to Inject Ads, Steal Data

A recent cybersecurity investigation uncovered 131 malicious Chrome extensions involved in hijacking web traffic to inject unauthorized ads and steal sensitive user data. These extensions, downloaded by millions, exploited browser permissions to redirect users to fraudulent sites and collect personal information without consent. The widespread nature of this threat highlights the critical need for users to scrutinize browser extensions and for platforms to enforce stricter vetting processes. This article delves into the modus operandi of these extensions, the risks posed to users, and recommended security measures to mitigate such threats. It also discusses the role of cybersecurity firms and browser developers in identifying and removing these malicious extensions to protect the online ecosystem. Users are advised to regularly review installed extensions, update their browsers, and utilize reputable security tools to safeguard their digital privacy and security.

This Cyber News was published on thehackernews.com. Publication date: Mon, 20 Oct 2025 21:44:03 +0000


Cyber News related to 131 Chrome Extensions Caught Hijacking Web Traffic to Inject Ads, Steal Data

9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
2 years ago Esecurityplanet.com
How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
1 year ago Aws.amazon.com
131 Chrome Extensions Caught Hijacking Web Traffic to Inject Ads, Steal Data - A recent cybersecurity investigation uncovered 131 malicious Chrome extensions involved in hijacking web traffic to inject unauthorized ads and steal sensitive user data. These extensions, downloaded by millions, exploited browser permissions to ...
2 months ago Thehackernews.com
Google Takes Down Over 50,000 Instances of Malicious Chrome Extensions - Google recently took down over 50,000 Chrome browser extensions after discovering that they were involved in malicious activity. The malicious activity included advertising click fraud, downloading malware, and displaying adware. According to Google, ...
2 years ago Thehackernews.com
Fake VPN Chrome extensions force-installed 1.5 million times - Three malicious Chrome extensions posing as VPN infected were downloaded 1.5 million times, acting as browser hijackers, cashback hack tools, and data stealers. According to ReasonLabs, which discovered the malicious extensions, they are spread via ...
2 years ago Bleepingcomputer.com
Over 6 Million Chrome Extensions Can Execute Remote Commands on Users’ Browsers - A major security incident has come to light involving more than six million installations of Chrome browser extensions that secretly execute remote commands, track user activity, and potentially expose sensitive information. John Tuckner of secure ...
8 months ago Cybersecuritynews.com
131 Malicious Extensions Targeting WhatsApp Users Discovered - A recent cybersecurity investigation has uncovered 131 malicious browser extensions specifically targeting WhatsApp users. These extensions, disguised as useful tools, actually serve as conduits for data theft, unauthorized access, and spreading ...
2 months ago Cybersecuritynews.com
Hijacking Your Bandwidth How Proxyware Apps Open You Up to Risk - Is this true? To examine and understand the kind of risks a potential user might be exposed to by joining such programs, we recorded and analyzed network traffic from a large number of exit nodes of several different network bandwidth sharing ...
2 years ago Trendmicro.com
Microsoft again bothers Chrome users with Bing popup ads in Windows - Microsoft is once again harassing Google Chrome users on Windows 10 and Windows 11 with popup desktop advertisements promoting Bing and its GPT-4 Bing Chat platform. Due to the quality of the pixelated ads, some who received them were concerned that ...
1 year ago Bleepingcomputer.com
Malicious Chrome extensions with 1.7M installs found on Web Store - Almost a dozen malicious extensions with 1.7 million downloads in Google's Chrome Web Store could track users, steal browser activity, and redirect to potentially unsafe web addresses. According to the researchers, most of the malicious functionality ...
5 months ago Bleepingcomputer.com
Malicious Chrome extensions with 1.7M installs found on Web Store - Almost a dozen malicious extensions with 1.7 million downloads in Google's Chrome Web Store could track users, steal browser activity, and redirect to potentially unsafe web addresses. According to the researchers, the malicious functionality is ...
5 months ago Bleepingcomputer.com
The zero-day that could've compromised every Cursor and Windsurf user - In a recent post Yomtom explains that while examining the build process behind OpenVSX, the open-source marketplace powering extensions for tools like Cursor, Windsurf, VSCodium, and others, he discovered a critical flaw. Dubbed VSXPloit: A single ...
5 months ago Bleepingcomputer.com
Malicious Chrome VPN Extensions Installed 1.5M Times Browsers - In a recent cybersecurity revelation, a highly sophisticated cyber attack campaign has emerged, weaving a web of deceit through malicious web extensions cunningly disguised as VPNs. ReasonLabs, a cybersecurity firm, has discovered online piracy ...
1 year ago Cybersecuritynews.com
Google Online Security Blog: Sustaining Digital Certificate Security - The Chrome Security Team prioritizes the security and privacy of Chrome's users, and we are unwilling to compromise on these values. The Chrome Root Program Policy states that CA certificates included in the Chrome Root Store must provide value to ...
1 year ago Security.googleblog.com
Chrome extensions with 6 million installs have hidden tracking code - While Tuckner didn't catch any extensions stealing user passwords or cookies, the excessively risky capabilities, heavily obfuscated code, and hidden logic were enough for the researcher to label them as risky and, potentially, spyware. A set of 57 ...
8 months ago Bleepingcomputer.com
Fake Madgicx Plus and SocialMetrics Pro Chrome Extensions Found Stealing Facebook Credentials - Cybersecurity researchers have uncovered a new phishing campaign involving fake Chrome extensions named Madgicx Plus and SocialMetrics Pro. These malicious extensions are designed to steal Facebook credentials from unsuspecting users by mimicking ...
3 months ago Thehackernews.com
VSCode extensions found downloading early-stage ransomware - It is notable that the extensions were uploaded onto the VSCode Marketplace on October 27, 2024 (ahban.cychelloworld) and February 17, 2025 (ahban.shiba), bypassing safety review processes and remaining on Microsoft's store for an extensive ...
9 months ago Bleepingcomputer.com
Google Chrome disables uBlock Origin for some in Manifest v3 rollout - Google continues its rollout of gradually disabling uBlock Origin and other Manifest V2-based extensions in the Chrome web browser as part of its efforts to push users to Manifest V3-based extensions. For those who need more time, Google will let the ...
10 months ago Bleepingcomputer.com
Malicious Chrome extensions can spoof password managers in new attack - In SquareX's demonstration, the attackers impersonate the 1Password password manager extension by first disabling the legitimate one using the 'chrome.management' API, or if the permissions aren't available, user interface manipulation tactics to ...
9 months ago Bleepingcomputer.com
Pakistani Firm Shipped Fentanyl Analogs, Scams to US – Krebs on Security - California resident Walter Horsting discovered something similar when he sued 360 Digital Marketing in small claims court last year, after hiring a company called Vox Ghostwriting to help write, edit and promote a spy novel he’d been working ...
7 months ago Krebsonsecurity.com
Calling Home, Get Your Callbacks Through RBI - Following a brief introduction to the technology, we share our firsthand experiences when encountering RBI solutions and techniques the SpecterOps team have employed for establishing command and control to systems that proxy traffic through RBI ...
1 year ago Securityboulevard.com
Developers Beware of Malicious VS Code Extension Apps With Million of Installations - Cybersecurity researchers have uncovered a disturbing campaign targeting software developers through malicious Visual Studio Code extensions that have collectively amassed millions of installations. These compromised extensions, masquerading as ...
8 months ago Cybersecuritynews.com
Threat Actors May Abuse VS Code Extensions to Deliver Malware - Visual Studio Code (VS Code) extensions have become a popular tool for developers to enhance their coding environment. However, recent cybersecurity research highlights a growing threat where malicious actors exploit these extensions to deliver ...
1 month ago Cybersecuritynews.com
15 Best Bandwidth Monitoring Tools in 2025 - By providing real-time data on network usage, bandwidth monitoring tools enable proactive management and quick resolution of issues that could impact network performance. It provides real-time monitoring of network performance, traffic analysis, and ...
4 months ago Cybersecuritynews.com
Attackers Can Bypass Windows Security Using New DLL Hijacking - Threat actors using the DLL Hijacking technique for persistence have been the order of the day and have been utilized in several attacks. This attack method allows bypassing the privilege requirement for executing certain malicious codes on the ...
1 year ago Cybersecuritynews.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)