Threat Intelligence, Malware

Millions of Chrome, Edge users compromised with malicious extensions

More than 2.3 million Google Chrome and Microsoft Edge users had their browsers hijacked as part of the RedDirection attack campaign involving 18 nefarious extensions, according to The Register.

Malicious extensions included VPN proxies for TikTok and Discord, YouTube unblockers, weather forecasts, video speed controllers, and emoji keyboards, which not only worked as intended but also facilitated covert browsing activity surveillance, URL gathering, and unique tracking ID exfiltration activities, a report from Koi Security showed. Further analysis revealed that malware had been added to the extensions much later through updates. "Due to how Google and Microsoft handle browser extension updates, these malicious versions auto-installed silently for over 2.3 million users across both platforms, most of whom never clicked anything," said Koi Security analyst Idan Dardikman. Individuals using the malicious extensions have been urged to promptly uninstall them and erase their browser data while remaining vigilant on potentially illicit account activity.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds