A malicious group known as ShadyPanda has been exploiting browser extensions for Chrome and Edge, embedding a backdoor to harvest sensitive user data. Initially, these seemingly legitimate plugins were released between 2018 and 2019, but a hidden backdoor was discreetly added in 2024.
This backdoor is capable of collecting visited URLs, complete browsing history, and even intercepting HTTPS traffic. Such vulnerabilities can lead to credential theft and session hijacking. Notable extensions affected include Clean Master with over 200,000 installations, WeTab New Tab Page with more than 3 million installations, and Infinity V+. These alarming findings come from Koi Security’s blog.
Stay vigilant and regularly review browser extensions to ensure your security online.
