ADVERTISEMENT

Chrome extensions ask for too many dangerous permissions and see everything

Chrome extensions often come with the most invasive permissions. Your AI sidebar, QR code generator, paint, or any other tool can track browsing, inject scripts, store private data, and sometimes even access cryptocurrency node connections. Here’s what we discovered about 100 popular Chrome extensions.

Chrome extensions are asking for too many dangerous permissions

Image by Cybernews.

Ernestas Naprys
Ernestas Naprys Senior Journalist
Apr 15, 2025 Updated: 28 July 2025 7 min read

Methodology

Which extensions require the most permissions?

The most requested permissions

ADVERTISEMENT

Two extensions vanished

Users have limited control compared to apps: here’s what you can do

extension-asking-for-permissions
Gintaras Radauskas Paulius Grinkevičius B&W Konstancija Gasaityte Niamh Ancell
Get our latest stories today on Google News
Add us as your Preferred Source on Google.
  • Always review all the permissions before installation.
  • Be especially wary of permissions that grant access to running code, browsing data, file systems, and communication tools.
  • Check if the developer is reputable. Also, ensure that there’s a privacy policy and that it clearly states what data the extension collects. Are you comfortable with it?
  • Limit your extension use as much as possible.
  • Periodically audit your installed extensions and remove those you no longer need.
  • Use a capable EDR/antivirus solution with a web protection/ URL filtering solution.
ADVERTISEMENT