Chrome Extensions: Are you getting more than you bargained for?

216.73.216.6

Chrome Extensions: Are you getting more than you bargained for?

· Published 26/01/2026 15:40 · Modified 26/01/2026 18:03

Essential information

Published: 26/01/2026 15:40
Modified: 26/01/2026 18:03
Tags: 2026-01-26 CVE-2020-28707 chrome extensions clipboard access data exfiltration malicious extensions remote code execution search hijacking security risks xss vulnerability
Related entities: 18 vulnerabilities (cve), 13 observables, 7 techniques (mitre), 5 others

Description

This analysis reveals the hidden dangers of certain Chrome extensions available on the Google Chrome Web Store. Despite the store's vetting process, some malicious extensions have slipped through, compromising user security. The study examines four examples of extensions with combined user bases exceeding 100,000, showcasing various security risks. These include undisclosed clipboard access to remote domains, data exfiltration, remote code execution capabilities, search hijacking, and cross-site scripting vulnerabilities. The extensions employ tactics such as command-and-control infrastructure with domain generation algorithms, user tracking, and brand impersonation. The research emphasizes the importance of caution when installing browser extensions, even from trusted sources, and recommends immediate uninstallation of the identified malicious extensions.