Tech »  Topic »  11 Google-Verified Chrome Extensions Infected Over 1.7 Million Users

11 Google-Verified Chrome Extensions Infected Over 1.7 Million Users


A chilling discovery by Koi Security has exposed a sophisticated browser hijacking campaign dubbed “RedDirection,” compromising over 1.7 million users through 11 Google-verified Chrome extensions.

This operation, which also spans Microsoft Edge with additional extensions totaling 2.3 million infections across platforms, exploited trusted signals like verification badges, featured placements, and high install counts to distribute malware under the guise of legitimate productivity and entertainment tools.

Unveiling the RedDirection Campaign

Extensions such as “Color Picker, Eyedropper Geco colorpick,” “Video Speed Controller,” and “Emoji keyboard online” were among the culprits, delivering promised functionality while secretly embedding surveillance and redirection mechanisms.

The report page of “Video Speed Controller” as detected by ExtensionTotal’s risk engine

The RedDirection campaign stands out due to its deceptive strategy of remaining benign for years before introducing malicious code via silent updates, a tactic that evaded scrutiny from both Google and Microsoft’s extension marketplaces.

These ...


Copyright of this story solely belongs to gbhackers . To see the full text click HERE