• Latest
  • All
  • How To
Chrome extensions

Over 3.2 Million Users Hit by Malicious Chrome Extensions in Major Cyberattack

February 27, 2025
How to Block Muse Image From Downloading and Remixing Your Reels

Muse Image: How to Block Others From Generating AI Content Using Your Instagram Posts

July 10, 2026
African Game Studios Can Now Apply for Google’s New $1 Million Fund

Google Tightens Play Store Terms Around Data, Sharing, and Billing

July 10, 2026
IEBC Owns Up to Cracks in 2022’s Dispute Resolution Process, Eyes Fixes Before 2027

IEBC Owns Up to Cracks in 2022’s Dispute Resolution Process, Eyes Fixes Before 2027

July 10, 2026
Emissions test

New Bill Would Force Kenyan Motorists to Test Vehicle Emissions Every Year

July 9, 2026
DHgate Tablet Cases deals
SpaceXAI Grok 4.5

Elon Musk Rebrands xAI as SpaceXAI and Launches Grok 4.5

July 9, 2026
KOKO Networks Puts Its Ethanol Empire Up For Sale

KOKO Networks Puts Its Ethanol Empire Up For Sale

July 8, 2026
Betting

New Betting Rules Let Families Request Gambling Bans for Loved Ones

July 8, 2026
Vodafone’s 55% Stake Gives It Control Over Safaricom Boardroom

Vodafone’s 55% Stake Gives It Control Over Safaricom Boardroom

July 8, 2026
Starlink

Starlink Suspends New Signups Across 7 Kenyan Counties as Capacity Fills Up

July 8, 2026
Muse Image

Meta Launches Muse Image, Its First In-House AI Image Generator

July 8, 2026
IEBC

IEBC Temporarily Suspends Online Voter Services During ICT System Upgrade

July 8, 2026
AI

Kenya’s AI Policy, As the Government Sees It

July 7, 2026
Techweez | Tech News, Reviews, Deals, Tips and How To
  • News
  • Entertainment
  • Reviews
  • Features
  • Editorial
No Result
View All Result
Techweez | Tech News, Reviews, Deals, Tips and How To
  • News
  • Entertainment
  • Reviews
  • Features
  • Editorial
No Result
View All Result
Techweez | Tech News, Reviews, Deals, Tips and How To
No Result
View All Result

Over 3.2 Million Users Hit by Malicious Chrome Extensions in Major Cyberattack

Naftary Thitu by Naftary Thitu
February 27, 2025
in News
Reading Time: 2 mins read
292
0
Chrome extensions

A coordinated campaign involving at least 16 malicious Chrome extensions has compromised over 3.2 million users globally.

These extensions, masquerading as legitimate tools such as screen capture utilities and ad blockers, have been exploiting browser vulnerabilities to execute advertising fraud and manipulate search engine optimization (SEO).

Discovered by GitLab Threat Intelligence in February 2025, the malicious extensions have been active since at least July 2024.

The threat actors behind this campaign are believed to have acquired access to some of these extensions from their original developers. Subsequently, injecting malicious code to hijack user sessions and degrade browser security.

This sophisticated attack chain involves multiple stages, including the use of service workers to communicate with unique configuration servers, enabling the dynamic fetching and execution of obfuscated JavaScript payloads from remote servers.

.

A particularly concerning aspect of this attack is the manipulation of the Content Security Policy (CSP). By deploying service workers to strip CSP headers from the first 2,000 websites visited per session, the attackers create a permissive environment for malicious activities, allowing for the injection of unauthorized scripts and content.

This degradation of browser security facilitates a range of malicious activities, including the modification of network request filtering rules, manipulation of search engine results, and injection of iframes with remote content, particularly targeting e-commerce platforms in specific regions.

Despite their removal from the Chrome Web Store, these malicious extensions continue to pose a threat to users who have not manually uninstalled them. It is imperative for users to review their installed Chrome extensions and remove any suspicious or unrecognized ones.

Regularly updating extensions and exercising caution when granting permissions can help mitigate such risks. This incident underscores the importance of vigilance when managing browser extensions, as even legitimate tools can become compromised and pose significant security threats.

In light of this breach, cybersecurity experts recommend that users adopt a proactive approach to browser security. This includes regularly auditing installed extensions, staying informed about potential threats, and employing reputable security tools to detect and prevent malicious activities.

Tags: ChromeMalware
SendShare166Tweet104
Naftary Thitu

Naftary Thitu

Tech enthusiast and ICT guru by trade, I simplify digital trends and gadgets into articles everyone can enjoy. Email: [email protected]

Related Posts

Googlebook

Google’s New Laptop Is Called Googlebook, and It Runs on Android

May 14, 2026
Cyber Threats

Kenya Detects 3.3 Billion Cyber Threats in 2026 Led by System Attacks

May 6, 2026
Google Play Protect

Google Blocks 27 Million Malicious Apps and Bans 80,000 Developers in 2025

February 20, 2026
Cyber Attacks

Cyber Attacks in Kenya Jump 441% in Just Three Months

January 28, 2026
Cybersecurity

Kenya Detects 842M Cyberthreats, Down 81% From Last Quarter

December 9, 2025
cyberthreats

31.5% of Kenyan Users Hit by Malware in New Cyber Report

December 9, 2025

Latest

How to Block Muse Image From Downloading and Remixing Your Reels

Muse Image: How to Block Others From Generating AI Content Using Your Instagram Posts

July 10, 2026
African Game Studios Can Now Apply for Google’s New $1 Million Fund

Google Tightens Play Store Terms Around Data, Sharing, and Billing

July 10, 2026
IEBC Owns Up to Cracks in 2022’s Dispute Resolution Process, Eyes Fixes Before 2027

IEBC Owns Up to Cracks in 2022’s Dispute Resolution Process, Eyes Fixes Before 2027

July 10, 2026
Emissions test

New Bill Would Force Kenyan Motorists to Test Vehicle Emissions Every Year

July 9, 2026
SpaceXAI Grok 4.5

Elon Musk Rebrands xAI as SpaceXAI and Launches Grok 4.5

July 9, 2026
KOKO Networks Puts Its Ethanol Empire Up For Sale

KOKO Networks Puts Its Ethanol Empire Up For Sale

July 8, 2026

Best devices

Best Infinix Phones of 2025

Best Infinix Phones of 2025: Budget Prices With Premium Features

December 31, 2025

The Best Infinix Accessories Worth Buying in 2025

November 26, 2025

Best Budget Wireless Earbuds To Buy in Kenya (2025)

October 8, 2025

Samsung Galaxy A36 5G vs Samsung Galaxy A56 5G: Comparison Review

August 29, 2025

Infinix Hot 60 Pro+ vs Infinix Hot 60i: Comparison Review

August 22, 2025

Best Budget Smartwatches To Buy in Kenya 2025

February 13, 2025

Techweez is where tomorrow’s tech stories break today, thanks to intelligent analysis, real-world insight, and visionary storytelling.

Follow Us

Editorials

Inside Bumble, the Dating App Where Women Call the Shots

Locket: Photo Sharing App With No Feed, No Likes, and No Algorithms

Couple Joy: A Long-Distance Dating App That Builds Intimacy in Small Daily Acts

Airbuds: The App That Turns Your Music Into a Social Feed

Kenya Might Need to Crack Down on Wealth Porn Like China

Techweez and Gearhaus Score BAKE Awards 2026 Nominations

More News

New Betting Rules Let Families Request Gambling Bans for Loved Ones

Vodafone’s 55% Stake Gives It Control Over Safaricom Boardroom

Starlink Suspends New Signups Across 7 Kenyan Counties as Capacity Fills Up

Meta Launches Muse Image, Its First In-House AI Image Generator

IEBC Temporarily Suspends Online Voter Services During ICT System Upgrade

Kenya’s AI Policy, As the Government Sees It

  • Terms Of Use
  • Techweez Brand
  • Privacy & Policy
  • Contact Us

© 2024 Techweez - Palahala Media Group may earn a commission when you buy through links on our sites.
A Palahala Media Group Brand. All rights reserved.
.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

Techweez | Tech News, Reviews, Deals, Tips and How To
Crunchy Cookies 🍪 Ahead!

Hey there! Just a heads-up: we're big fans of cookies - both the digital and edible kind! 🍪 We use our cookies and some from third parties to ensure your browsing experience on our site is smooth sailing and secure.

 

But wait, there's more! We also use cookies to gather stats and insights on how you navigate our site. It's like getting a behind-the-scenes peek at your digital adventures!

 

Don't worry, you're in control. You can adjust your cookie settings anytime to suit your preferences. Feeling curious? Dive into our Privacy Policy for all the juicy details. Happy browsing! 🚀

Functional Always active
Listen, this legal stuff is about as exciting as watching paint dry. But it basically says we only use your stuff for what you asked us to do, and nobody else gets to peek!
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
It's those sneaky cookie crumbs websites leave behind to count visitors, like counting ants at a picnic! Totally harmless, just for fun facts. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
Hey there! Just letting you know we use some fancy gizmos to remember your preferences. This way, we can show you ads that are, well, not completely bananas.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
Make cookies
{title} {title} {title}
Techweez | Tech News, Reviews, Deals, Tips and How To
Crunchy Cookies 🍪 Ahead!
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
Listen, this legal stuff is about as exciting as watching paint dry. But it basically says we only use your stuff for what you asked us to do, and nobody else gets to peek!
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
It's those sneaky cookie crumbs websites leave behind to count visitors, like counting ants at a picnic! Totally harmless, just for fun facts. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
Hey there! Just letting you know we use some fancy gizmos to remember your preferences. This way, we can show you ads that are, well, not completely bananas.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
Make cookies
{title} {title} {title}
No Result
View All Result
  • News
  • Reviews
  • Features
  • Editorial
  • Automotive
  • Entertainment

© 2024 Techweez - Palahala Media Group may earn a commission when you buy through links on our sites.
A Palahala Media Group Brand. All rights reserved.
.