1.7 Million Chrome Users At Risk! Malicious Extensions Found Spying On Your Activity

If you use Chrome extensions for any purpose, then know your browser may have been compromised! Security researchers have discovered nearly a dozen Chrome extensions that looked harmless but were secretly tracking users’ web activity and possibly redirecting them to unsafe sites. With over 1.7 million downloads, these extensions highlight how even “verified” tools on the Chrome Web Store can turn dangerous. 

A report by Bleeping Computer cited that cybersecurity firm Koi Security discovered the issue and promptly reported the extensions to Google. While some have since been removed from the Chrome Web Store, many are still live and available for download. The risky part? Many of these extensions were verified by Google, and they carried hundreds of positive reviews and even ranked high in the store’s search results, the report added. 

Malicious Chrome Extensions

Here’s a list of known malicious Chrome extensions you should remove immediately:

• Color Picker, Eyedropper — Geco colorpick
• Emoji keyboard online — copy & paste your emoji
• Free Weather Forecast
• Video Speed Controller — Video manager
• Unlock Discord — VPN Proxy
• Dark Theme — Dark Reader for Chrome
• Volume Max — Ultimate Sound Booster
• Unblock TikTok — One-Click Proxy
• Unlock YouTube VPN
• Weather

According to the report, these extensions contain malicious code in the background, which activates every time you open a new web page. The code captures the visited URL and sends it to a remote server along with a unique tracking ID, allowing potential hijacking of the user’s online activity. Interestingly, the harmful code wasn’t part of the original versions. It was added later through updates, rolled out silently using Google’s auto-update system. 

Koi Security’s report also found similar issues in Microsoft Edge extensions, bringing the total affected users across both browsers to over 2.3 million. Google has since confirmed the removal of all the flagged Chrome extensions, the report added.  

How to Protect Yourself

If you are worrying about your security and data, then here are a few steps users should take immediately:

• First of all, remove any of the listed extensions from your Chrome or Edge browser.
• After removing the extensions, go to your browser settings and clear cookies, cache, and site data to remove any tracking identifiers.
• Always use a trusted antivirus or anti-malware tool to scan your system for any leftover threats or hidden spyware.
• Before installing any extension, check the permissions it asks for—tools requesting access to all websites or browsing history should be treated with caution.
• Limit your use of browser extensions to only those you absolutely need, and regularly review installed add-ons for anything unfamiliar or unused.