Eighteen popular browser extensions turn Trojan, compromising 2.3 million users.

Koi Security researchers have uncovered that eighteen once-harmless Chrome and Edge extensions were silently updated to include spying modules and command-and-control backdoors, infecting over 2.3 million users in a campaign dubbed RedDirection. Each extension continued to perform its advertised task while secretly capturing every visited URL, sending data to attacker-controlled servers, and redirecting users to malicious sites on demand. The operation leveraged automatic update mechanisms and store verification gaps to spread widely before the malicious versions were finally removed.

Read more:

https://cybernews.com/security/chrome-edge-hijacked-by-eighteen-malicious-extensions/