Cybersecurity Firm Reports Malicious Chrome Extensions Stealing User Data
Cybersecurity firm Socket has identified over 100 malicious Chrome extensions that have been installed by more than 20,000 users. These extensions, published under five different accounts, are part of a coordinated campaign using shared command-and-control infrastructure. The extensions are designed to steal user data, provide backdoor access, and inject ads. They target various user groups by offering functionalities like Telegram sidebar clients, YouTube and TikTok enhancers, and text translation tools. Despite their malicious intent, these extensions provide expected functionalities to avoid suspicion. Socket has reported these extensions, but they remain available on the Chrome Web Store. 
