A concerning security alert has been issued for users of Google’s widely-used Chrome web browser. Reports indicate that several extensions containing malware have been discovered, potentially allowing hackers to spy on users’ browsing activities and access sensitive personal information.
The malicious extensions were initially identified by the Koi Security team. These extensions initially appear clean of any viruses upon download but later deploy data-stealing spyware without detection. It is estimated that over 2 million users may have been affected by this security breach. Notably, 18 Chrome extensions have been identified to contain the malware, some of which received positive reviews and were available on Google’s Chrome store.
Affected extensions include emoji keyboards, weather services, YouTube enhancements, among others. Users are advised to take immediate action if they suspect they have installed any of the mentioned extensions. Security experts recommend clearing browsing data promptly to remove any stolen tracking identifiers or session tokens. Additionally, users are urged to monitor their accounts for suspicious activities and enable two-factor authentication for added security.
Resetting browser settings to default is also recommended to undo any modifications made by the malicious extensions. Google has assured that all affected extensions have been removed, preventing new users from falling victim to this threat.