Security researchers from Domain Tools warn that there are hundreds of Chrome extensions stealing data and running malware on the sly, reports BleepingComputer.
Many of the malicious extensions are riding the coattails of well-known brands such as Fortinet, YouTube, Deepseek AI, and Calendly, increasing the risk of users installing them and getting into trouble. Google has reportedly removed most of the targeted extensions from the Chrome Web Store, but some still remain at the time of writing.
We saw something similar happen last month when a cybersecurity researcher at Secure Annex found numerous malicious Chrome extensions being spread via ads and scam sites. It’s yet another example of why you need to vet your browser extensions carefully.
To be on the safe side, you should always check out all available reviews before downloading any extensions to your browser, and always double-check that you’re downloading the official one. If you think you’ve been hit, see our article on how to remove malicious Chrome extensions.
This article originally appeared on our sister publication PC för Alla and was translated and localized from Swedish.