Hundreds of malicious Chrome extensions have been uncovered by researchers at DomainTools, according to a new report from BleepingComputer. These dangerous add-ons are not only capable of harvesting sensitive data but are also being used to deliver malware directly to users’ systems. In a troubling trend, many of the malicious extensions pose as being associated with trusted brands like Fortinet, YouTube, DeepSeek AI, and Calendly, leveraging those recognizable names to increase their chances of being installed.
Although Google has removed most of the offending extensions from the Chrome Web Store, some are still slipping through the cracks. And this isn’t an isolated case—just last month, a security expert from Secure Annex uncovered a separate set of deceptive Chrome extensions distributed via online ads and scam sites. The pattern is clear: cybercriminals are increasingly targeting browser extension platforms as vectors for attacks, knowing that users often overlook the permissions and origins of the tools they install.
With threats becoming more sophisticated, users need to adopt a more skeptical and security-conscious mindset when customizing their browsers. Before downloading any extension, it’s crucial to check for verified developer names, look through recent reviews for warning signs, and avoid any extension promoted through unofficial or sponsored links. When in doubt, go directly to the developer’s website or a trusted source for the download link. These small steps can make a significant difference in avoiding data theft and keeping your browsing environment secure.