Shocking Discovery: 57 Chrome Extensions Spying on 6 Million Users!

2025-04-17

Author: Olivia

A Major Privacy Breach!

In a startling revelation, 57 Chrome extensions, boasting an alarming 6 million installations, have been found to harbor dangerous features that could compromise user privacy by monitoring browsing habits and accessing sensitive cookies.

Hidden from Sight!

These dubious extensions are 'hidden' from Chrome Web Store searches and are not indexed by search engines. Users can only download them through a specific URL, making them particularly sneaky.

Private Software Gone Rogue?

Unlisted extensions are typically internal tools or software still under development, but malicious actors have exploited this mechanism to evade detection while promoting the extensions aggressively via ads and harmful websites.

The Investigation Unveiled Dangers!

Researcher John Tuckner from Secure Annex uncovered these extensions while investigating one suspicious tool called 'Fire Shield Extension Protection.' This extension is heavily obfuscated, containing backdoors to send sensitive browser data to an external API.

Broad Permissions Raise Red Flags!

Tuckner discovered a troubling array of permissions in these extensions, including:

- Access to cookies, even sensitive headers like 'Authorization'
- Surveillance of user browsing activities
- Modifications of search providers and results
- Injection of remote scripts into web pages
- Remote tracking abilities that could be activated at any moment
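
The capabilities listed above can be checked against an extension's manifest.json. The following Python audit is an added example, not code from the article or from Secure Annex; the mapping from each capability to Chrome manifest permission names, the function names and the sample manifest are the editor's assumptions.

```python
# Editor's mapping (an assumption, not from the article) of the listed
# capabilities to Chrome manifest entries that can grant them.
CAPABILITY_PERMS = {
    "cookie access": {"cookies"},
    "request/header and browsing visibility": {"webRequest", "tabs", "webNavigation", "history"},
    "script injection": {"scripting"},
}
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
# Manifest V2 mixes host patterns into "permissions"; V3 splits them out.
PERM_KEYS = ("permissions", "optional_permissions",
             "host_permissions", "optional_host_permissions")

def audit_manifest(manifest):
    """Return {capability: [manifest entries granting it]} for one parsed manifest.json."""
    declared = set()
    for key in PERM_KEYS:
        declared.update(p for p in manifest.get(key, []) if isinstance(p, str))
    findings = {}
    for capability, perms in CAPABILITY_PERMS.items():
        hits = sorted(declared & perms)
        if hits:
            findings[capability] = hits
    # Content scripts matched against every site also inject code everywhere.
    for cs in manifest.get("content_scripts", []):
        broad_cs = sorted(set(cs.get("matches", [])) & BROAD_HOSTS)
        if broad_cs:
            findings.setdefault("script injection", []).append(
                "content_scripts:" + ",".join(broad_cs))
    broad = sorted(declared & BROAD_HOSTS)
    if broad:
        findings["all-site host access"] = broad
    if "search_provider" in manifest.get("chrome_settings_overrides", {}):
        findings["search provider override"] = ["chrome_settings_overrides.search_provider"]
    return findings

def is_high_risk(findings):
    """True when sensitive data access is combined with access to every site."""
    sensitive = {"cookie access", "request/header and browsing visibility"}
    return "all-site host access" in findings and bool(sensitive & set(findings))

# Constructed sample manifest (not taken from any real extension).
SAMPLE = {
    "manifest_version": 3, "name": "Example Shield",
    "permissions": ["cookies", "webRequest", "storage", "scripting"],
    "host_permissions": ["<all_urls>"],
    "chrome_settings_overrides": {"search_provider": {"name": "x"}},
}

if __name__ == "__main__":
    print(audit_manifest(SAMPLE), "high risk:", is_high_risk(audit_manifest(SAMPLE)))
```

To audit an installed extension, parse its manifest.json with `json.load` and pass the resulting dict to `audit_manifest`; a flagged manifest shows what the extension is allowed to do, not that it has done it.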

Spyware in Disguise?

Though Tuckner didn’t find direct evidence of password or cookie theft, the far-reaching permissions and hidden code prompted him to classify them as risky, potentially functioning as spyware. He noted, "The presence of such capabilities across numerous extensions claiming simple functionalities is deeply concerning."

Updates on the Discovery!

Today, Tuckner identified 22 additional extensions tied to this operation, increasing the total to 57. Some of these extensions are public, while others remain unlisted. Google has reportedly removed several of them following Tuckner's initial alert, but others still lurk in the shadows.

What You Should Do!

If you've got any of the extensions mentioned, such as 'Fire Shield Extension Protection' or 'Cuponomia' (with a whopping 700,000 users!), it's crucial to delete them immediately. For your safety, consider resetting passwords on your online accounts.

Google Takes Action!

In response to the findings, Google has acknowledged Tuckner's report and is currently investigating the situation to protect users from potential threats.

Stay vigilant and prioritize your online safety!