Compromised Google Chrome Extensions

Compromised Google Chrome Extensions

Recent reports have identified several compromised Chrome extensions that have affected millions of users. Some of the notable ones include:

  • Visual Effects for Google Meet
  • Reader Mode
  • Email Hunter
  • Bard AI Chat
  • Rewards Search Automator

How to Detect Compromised Extensions

To detect compromised browser extensions, you can follow these steps:

  1. Check Permissions: Review the permissions requested by each extension. If an extension requests excessive permissions, it might be suspicious.
  2. Monitor Extension Behavior: Look for unusual behavior, such as redirects, pop-ups, or changes in browser settings.
  3. Use Security Tools: Utilize tools like Microsoft Defender, Intune, or Elastic to scan and block malicious extensions.
  4. Regular Updates: Ensure your extensions are regularly updated and check for any security alerts related to them.

Alternative Browsers to Google Chrome

If you’re looking for browsers that are not affected by these issues, consider the following alternatives:

  • Mozilla Firefox: Known for its strong privacy features and customization options.
  • Brave: Focuses on privacy and security, with built-in ad-blocking and tracking protection.
  • Vivaldi: Offers extensive customization and unique features.
  • Tor Browser: Provides anonymity and privacy by routing traffic through the Tor network.
  • Opera: Includes a built-in VPN and various privacy tools.

Note: Microsoft Edge is based on the Chromium engine, which means it shares some vulnerabilities with Chrome. However, Edge has additional security features that can help mitigate these risks.

I found an article https://arstechnica.com/security/2025/01/dozens-of-backdoored-chrome-extensions-discovered-on-2-6-million-devices/ that lists some or all of the known offenders and discusses it further if you want more information. Browser Extensions and the even newer “Website Notifications” are making browsing less safe as generally you the user have to agree to them before they will work. Who decided a website should be able to pop up a screen like an app on your phone? And why are they always Ads, or security warnings?

Scroll to Top