108 Chrome Extensions Steal Data and Inject Ads

A team of security researchers has discovered 108 Chrome extensions that not only inject advertisements but also steal users' personal data. These extensions appear harmless and useful at first glance, but analysis shows that they often pursue criminal intentions. The researchers examined a variety of extensions available in the Chrome Web Store and found that many of these tools have malicious features that allow developers to access sensitive information. This includes data on visited websites, search queries, and even personal account information.

Some of the identified extensions use techniques such as web scraping to extract data from users. This information can then be used for targeted advertising or even fraudulent activities. The researchers warn that users often do not even notice that their data is being compromised. The security situation is exacerbated by the fact that many of these extensions have a high number of downloads. Some of the dangerous tools have been downloaded over 100,000 times, increasing the potential reach of the threat.

Users who have installed these extensions are exposed to significant risk. The researchers recommend regularly reviewing installed extensions and uninstalling unnecessary or unknown tools. Additionally, users should closely monitor the permissions of the extensions to ensure that no sensitive data is collected without consent. Another aspect of the investigation concerns Google's response to these security threats. The company has previously taken measures to remove malicious extensions from the Chrome Web Store.

However, the question remains whether these measures are sufficient to effectively protect users. The discovery of these 108 extensions also raises questions about the responsibility of developers. Many of them operate anonymously, and it is unclear how they use the collected data. The researchers call for more transparency and stricter guidelines for the development of browser extensions. Security research shows that the threat from malicious extensions is not only a technical problem but also a societal one.

Users must be aware of the risks and actively take steps to protect their data. The researchers emphasize that education and awareness are key to improving internet security. The study was published on April 15, 2026, and has already caused a stir in the security community. Experts warn that the number of harmful extensions could continue to rise in the future if effective measures are not taken.