Jakarta - Cyber threats are once again lurking on internet users. A total of 108 malicious extensions were found in Google Chrome and other Chromium-based browsers, which secretly steal user data while inserting ads.
This finding was revealed by the security firm Socket and reported by The Hacker News. Although it looks like a regular application - from games to simple tools - this extension has a hidden agenda.
All Connected to “One Brain”
What makes this case more serious, all the extensions are connected to one central server or command-and-control (C2). This means that data from thousands of users is sent to the same point. This is not just a bug - this is a coordinated operation.
The total downloads are "only" around 20,000, but the potential impact is much greater because the stolen data can include browsing activity to other sensitive information.
Disguised as a Common Tool
These extensions are disguised as applications that look harmless. One of the most downloaded is the "Web Client for TikTok" with more than 2,000 installations.
In addition to stealing data behind the scenes, this extension also injects ads into the sites users visit - turning the browsing experience into a field of illegal monetization.
This threat is not limited to Chrome only. All Chromium-based browsers such as Microsoft Edge and Brave Browser are also at risk if the extension is installed. In other words, this is an ecosystem problem, not just one application.
What to Do?
Users are advised to immediately check the list of extensions in their respective browsers. If you find a suspicious or unknown application, the best step is to immediately delete it.
The trick is quite simple: open the extension menu in the browser, then access "Manage Extensions" to view and remove unnecessary ones.
Long-term Threat, New Scale
This case shows that the old method - sneaking in through extensions - is still very effective, especially when packaged with a convincing appearance.
In today's digital age, threats don't always come in the form of viruses that are clearly visible. Sometimes, it's hiding behind the tools we use every day.
So before installing a new extension, it might be a good idea to think twice. Because on the internet, what looks useful ... is not necessarily safe.
Follow VOI Whatsapp Channel
The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)
