Chrome extensions with 6 million installs have hidden tracking code

A set of 57 Chrome extensions with 6,000,000 users have been discovered with very risky capabilities, such as monitoring browsing behavior, accessing cookies for domains, and potentially executing remote scripts. These extensions are 'hidden,' meaning they don't show up on Chrome Web Store searches, nor do search engines index them, and can only be installed if the user has the direct URL. Typically, such extensions are private software like internal company tools or add-ons still under development. Still, threat actors might be using them to evade detection while aggressively pushing them through ads and malicious sites. Risky Chrome extensions The extensions were discovered by Secure Annex researcher John Tuckner, who uncovered the first 35 after examining what he claims is a suspicious extension named 'Fire Shield Extension Protection.' The extension is heavily obfuscated and contains callbacks to an API for sending information collected from the browser. Tracking function in ... Read full article.