Malicious Extensions: How Your Trusted Browser Tools Became Sneaky Spies!

Security researchers at Koi Security discovered 18 malicious browser extensions on Chrome and Edge, masquerading as helpful tools but secretly spying on over 2.3 million users. Dubbed RedDirection, this campaign exploited trust signals for years. If you’ve installed any, remove them immediately, clear your browser data, and scan for malware.

3P
Published: July 8, 2025 3:14 pmAdded: July 8, 2025 at 8:39 amAssembled by: The Editor
Pro Dashboard

Hot Take:

It seems like browser extensions have gone from helpful buddies to sneaky spies! Those adorable emoji keyboards and helpful weather forecasts might be more interested in your browsing history than you are in them. Who knew you had to be cautious of your virtual pen pals? Time to be a little more Sherlock Holmes and a little less Mr. Trusty McTrustface with those browser add-ons!

Key Points:

– A total of 18 malicious browser extensions identified by Koi Security are still available for download.
– Extensions disguise themselves as productivity and entertainment tools.
– Over 2.3 million users have been infected by these extensions.
– Extensions initially clean, later updated with malware.
– Centralized attack infrastructure dubbed “RedDirection”.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?