Chrome users warned: Over 100 harmful extensions discovered

Users of the Chrome browser should be particularly cautious when installing extensions. Although Google has removed many of these harmful extensions, some are still accessible in the Chrome Web Store.

These malicious extensions often impersonate well-known brands, such as Fortinet or YouTube. Fraudulent websites with "Add to Chrome" buttons direct users to these harmful tools, lending them a false sense of credibility. Such extensions can modify network traffic, steal cookies, and execute JavaScript scripts.

Malicious extensions may function as proxy servers, enabling attackers to monitor users' browsing activity. They can also hijack accounts and steal personal data. This underlines the importance of thoroughly checking extensions before installing them.

One example is the "fortivpn" extension, known to steal cookies and modify network traffic. Similar instances have been reported previously, emphasising the need for caution when adding new tools to the browser.

BleepingComputer provides several examples of extensions to avoid. Some impersonate popular tools like Flightradar24, the artificial intelligence DeepSeek, and YouTube:

• youtube-vision[.]com and youtube-vision[.]world
• deepseek-ai[.]link
• calendlydaily[.]world, calendlydocker[.]com, calendly-director[.]com
• whale-alerts[.]org and whale-alert[.]life
• madgicxads[.]world and madgicx-plus[.]com
• similar-net[.]com
• workfront-plus[.]com
• flight-radar[.]life

To minimise the risk, users should install extensions only from reputable publishers and read reviews left by other users. This can help identify potential threats and avoid security issues.