Browser extension malware hits millions worldwide
A long‑running malware campaign secretly exploited trusted browser extensions, putting millions at risk and exposing major flaws in extension marketplace security.
Millions of browser users installed popular extensions that later became spyware as part of a long-running malware operation. Researchers linked over 100 Chrome, Edge and Firefox extensions to the DarkSpectre hacker group.
Attackers kept extensions legitimate for years before quietly activating malicious behaviour. Hidden code embedded in image files helped bypass security reviews in official browser stores.
The campaign enabled large-scale surveillance by collecting real-time browsing activity and corporate meeting data. Analysts warn that such information supports phishing, impersonation and corporate espionage.
Experts urge users to remove unused extensions and question excessive permission requests. Regular browser updates and cautious extension management remain essential cyber defences.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!