Excerpt from Social Barrel Article, Published on Mar 02, 2025.
Cybersecurity researchers have discovered a major cyberattack targeting Chrome extensions, affecting over 3.2 million users. Hackers have hijacked 16 popular Chrome extensions, injecting them with harmful scripts that steal sensitive data and manipulate web pages. If you have any of these extensions installed, you must delete them immediately. Originally legitimate, these Chrome extensions were compromised when their developers unknowingly transferred control to cybercriminals. Once in control, the attackers released malicious updates that infected users’ browsers. According to GitLab Threat Intelligence, these hijacked Chrome extensions enabled hackers to access users’ browsing activity, steal personal data, and commit search engine fraud.
The affected Chrome extensions include tools for screen capture, ad blocking, and emoji keyboards. Some of the most widely used ones are Blipshot, Emojis, Super Dark Mode, Adblock for Chrome, and WAToolkit. Google has already removed these Chrome extensions from its Web Store, but users who installed them must manually delete them to stay safe. Having these compromised Chrome extensions installed poses significant risks. The permissions granted to them allow hackers to manipulate web pages, redirect ad revenue, and track user activities. Since these malicious scripts operate in the background, most users remain unaware of the ongoing threat.
To protect yourself, go to chrome://extensions and remove any of the affected Chrome extensions. Additionally, running a trusted antivirus program can help detect malware or suspicious scripts. Users should also be cautious when installing new Chrome extensions. Reviewing permissions, checking developer credibility, and reading user reviews can help avoid security risks. Regularly reviewing and deleting unused Chrome extensions is crucial to minimizing threats. This cyberattack serves as a reminder that even the most useful Chrome extensions can become dangerous if compromised. Stay vigilant and keep your browsing experience secure.
To delve deeper into this topic, please read the full article Social Barrel.
