ADVERTISEMENT

Massive browser hijack: extensions turn Trojan and infect 2.3M Chrome and Edge users

Eighteen extensions had a “squeaky clean” codebase, sometimes for years, until a version bump turned them into dangerous trojans without any user input. Security researchers warn that over 2.3 million users have just been compromised, but there are many more extensions lurking.

Chrome, Edge

Image by Cybernews.

Ernestas Naprys
Ernestas Naprys Senior Journalist
Jul 9, 2025 Updated: 14 July 2025 4 min read
Key takeaways:
malicious-extension-example
Has my data been leaked?

What does this Trojan do?

Jurgita Lapienyte Gintaras Radauskas Ernestas Naprys Niamh Ancell
Stay informed and get our latest stories on Google News
Add us as your Preferred Source on Google.
ADVERTISEMENT
  • Emoji keyboard online – copy&paste your emoji
  • Free Weather Forecast
  • Video Speed Controller – Video Manager
  • Unlock Discord – VPN Proxy to Unblock Discord Anywhere
  • Dark Theme – Dark Reader for Chrome
  • Volume Max – Ultimate Sound Booster
  • Unblock TikTok – Seamless Access with One-Click Proxy
  • Unlock YouTube VPN
  • Color Picker, Eyedropper – Geco colorpick
  • Weather
  • Unlock TikTok
  • Volume Booster – Increase your sound
  • Web Sound Equalizer
  • Header Value
  • Flash Player – games emulator
  • Youtube Unblocked
  • SearchGPT – ChatGPT for Search Engine
  • Unlock Discord

What do you do if you find a malicious extension?

Edge and Chrome logos with a lock
Malicious Edge and Chrome extensions should be deleted immediately
  • Reset your browser settings to default to undo any changes the extension may have made to your search engine, homepage, or other settings. Look for signs like unexpected redirects, changed search engines, or new toolbars.
  • Immediately change passwords for accounts that you visited while the malicious extension was installed (such as online banking). Make sure you are using a reliable password manager that generates long and complex passwords which are hard to crack.
  • Enable two-factor authentication (2FA) where possible for added protection.
  • Monitor accounts for suspicious activity.
  • Check your email and text messages for security alerts or notifications about unauthorized access. Beware of scammers sending fake alerts, too.
  • Make sure your browser and remaining extensions are up to date.
  • Run a full system scan with an antivirus solution.
ADVERTISEMENT