Security researchers at Domain Tools are sounding the alarm over a growing wave of malicious Chrome extensions that are quietly stealing user data and deploying malware. As reported by BleepingComputer, the number of compromised extensions has ballooned into the hundreds, posing a serious risk to unsuspecting users. What makes the situation more concerning is that many of these harmful extensions impersonate legitimate and recognizable brands—including Fortinet, YouTube, Deepseek AI, and Calendly—making it much easier for users to mistakenly download and install them without a second thought.
While Google has reportedly taken swift action to remove the bulk of these malicious extensions from the Chrome Web Store, some still remain live as of now. This isn’t the first such incident in recent months. Just last month, researchers from Secure Annex flagged a separate set of dangerous extensions being circulated through online ads and deceptive scam websites. These repeated waves of bad actors exploiting the Chrome ecosystem highlight the urgent need for users to be far more discerning when it comes to browser add-ons, even those that appear legitimate at first glance.
To reduce the risk of falling victim to such threats, users should take a more cautious approach when installing browser extensions. That means carefully reading user reviews, scrutinizing the developer’s credentials, and checking for inconsistencies in extension descriptions or logos. It’s also important to verify that the extension originates from an official source, rather than relying solely on search results or sponsored links. Staying vigilant can go a long way toward protecting your personal information and preventing malware infections from silently taking root in your browser.
