Imagine you’re at home, working, watching YouTube, or maybe checking your bank account. Everything seems fine. After all, you only install browser extensions from the official Chrome or Edge store, right? That means they’re safe… right?
Unfortunately, not always.
Recently, cybersecurity researchers at Koi security discovered that millions of people unknowingly installed malicious browser extensions—from trusted sources, with verified badges.
As someone passionate about cybersecurity and making it understandable for everyone, let me explain what happened—and more importantly, what you can do right now to protect yourself.
What Are Browser Extensions, Anyway?
Browser extensions are tiny apps you add to your web browser. They do helpful things—like blocking ads, picking colors from websites, managing passwords.
But here’s the thing: these extensions often need access to everything you do online—the websites you visit, the text you type etc.
The research Koi security mentioned that when these extensions were downloaded, they are completely clean, but malware got introduced in the version updates. The Red Direction team from koi security has run an investigation on one of the extension “Color Picker extension” which revealed some hijacking functionality – For example: It can actually capture the URL pages which the user visit, can send this information to a remote server and the malicious actor can redirect the user to a fake URL pages and a possible compromise can happen.
As per Mirror following are the affected extensions and you need to take immediate action incase you think you have installed them.
•Emoji keyboard online (Chrome)
• Free Weather Forecast (Chrome)
• Unlock Discord (Chrome)
• Dark Theme (Chrome)
• Volume Max (Chrome)
• Unblock TikTok (Chrome)
• Unlock YouTube VPN (Chrome)
• Geco colorpick (Chrome)
• Weather (Chrome)
• Unlock TikTok (Edge)
• Volume Booster (Edge)
• Web Sound Equalizer (Edge)
• Header Value (Edge)
• Flash Player (Edge)
• Youtube Unblocked (Edge)
• SearchGPT (Edge)
• Unlock Discord (Edge)
What YOU Should Do Today
1. Review Your Extensions
- On Chrome: Go to chrome://extensions/
- On Edge: Go to edge://extensions/
- If you don’t need it — remove it.
2. Clear Your Browser Data
- If you think you have installed the above affected extensions by any chance, go to your browser settings and clear your history, cookies, and site data.
3. Change Your Passwords
- Consider changing your passwords in case you have any of the affected extensions and suggest removing those extensions. Incase of any help needed on- How to set a strong password please read the blog :Discover How Knowing Just the Number of Characters Could Put Your Accounts at Risk! – CyberSecForAll
Disclaimer: The information provided in this blog is intended solely for educational and informational purposes. It should not be construed as professional advice. The author makes no representations as to the accuracy or completeness of any information and will not be held liable for any actions taken based on the content of this blog. Readers are encouraged to do their own research and consult with appropriate professionals where necessary.
