...
...
Next Story

Google Chrome users at risk: These 16 popular extensions could compromise your security

Are you using any of these Chrome extensions? You might want to safeguard your privacy and data.

Updated on: Mar 03, 2025 02:23 PM IST

If you actively use Google Chrome extensions, this news might be concerning for you. Researchers have discovered that attackers have successfully infiltrated a slew of already trusted extensions, making them dangerous. In total, 16 extensions have been identified as posing potential security risks. These include tools such as ad blockers, emoji extensions, among others.

Check if you have any of these extensions installed. (REUTERS)
Check if you have any of these extensions installed. (REUTERS)

Shaurya Sharma is the Technology Editor at Hindustan Times Digital Streams, where he oversees technology coverage across digital and social platforms. With over eight years of experience across editorial, video production, and digital media, his work focuses on smartphones, AI, consumer gadgets, and shaping audience-first content strategies for modern tech consumers.

He began his career in 2018 as a fashion cinematographer before turning his lifelong passion for technology into a profession. From spending his childhood immersed in tech magazines, video games, and the latest gadgets to covering the global consumer tech industry today, technology has remained a constant throughout his journey.

Over the years, Shaurya has worked with some of India’s leading media organisations, including CNN-News18, Sportskeeda, and Guiding Tech, where he led video initiatives that combined strong editorial storytelling with engaging visual and social-first execution.

A graduate in Journalism and Mass Communication from Manipal University, Shaurya has reviewed hundreds of products across categories including smartphones, laptops, gaming consoles, cameras, and wearables. Beyond work, he is passionate about animal welfare, environmental causes, and automobiles, particularly turbo-petrol cars

Read moreRead less

Also Read: Nothing Phone 3a and 3a Pro prices revealed ahead of official launch in India - All details

Which Chrome extensions are affected?

Here is the list of all compromised Chrome extensions, as identified by a report by GitLab Security (via Notebookcheck).

  1. Blipshot
  2. Emojis Emoji Keyboard
  3. Color Changer for YouTube
  4. Video Effects for YouTube and Audio Enhancer
  5. Themes for Chrome and YouTube Picture in Picture
  6. Mike Adblock für Chrome
  7. Page Refresh
  8. Wistia Video Downloader
  9. Super Dark Mode
  10. Emoji Keyboard Emojis for Chrome
  11. Adblocker for Chrome (NoAds)
  12. Adblock for You
  13. Adblock for Chrome
  14. Nimble Capture
  15. KProxy
  16. WAToolKit

Also Read: MacBook Air with M4 chip likely to launch this week- Here’s what we know

What really happened?

The attack was reportedly executed using compromised developer accounts. Some developers were tricked into transferring control of their developer consoles to hackers. And this allowed the attackers to modify these extensions and push malicious updates.

The research notes also indicate that the attackers used complex multi-stage attacks to weaken browser security. They then injected content, bypassed browser security measures, and concealed dangerous code outside of the extensions.

GitLab also found that they were able to partially reproduce the attack chain. This attack is associated with phishing kit development and distribution, presenting a significant risk of sensitive information leakage.

“This campaign is a sophisticated attack on users' web browsers, conducted at a huge scale. This type of activity presents an important threat to organizations because we transmit so much sensitive information through web browsers,” GitLab said.

Also Read: iPhone 17e may launch in February 2026, following iPhone 16e’s annual release cycle: Report

 
SHARE THIS ARTICLE ON
Hindustantimes wants to start sending you push notifications. Click allow to subscribe