These malicious Google Chrome extensions have stolen data from over 170 sites - find out if you're affected

• Malicious Google Chrome extensions "Phantom Shuttle" secretly rerouted traffic through attacker-controlled proxies
• Extensions targeted Chinese users, harvesting credentials from 170 high-value domains
• Google removed the plugins; experts warn browser add-ons remain a major security risk

Security researchers recently discovered two extensions for the Google Chrome browser were rerouting valuable traffic through compromised proxies, and thus sharing sensitive information with malicious third parties.

Socket said it found two extensions in the Chrome Web Store, named ‘Phantom Shuttle’. On the surface, these were advertised as plugins for a proxy service, allowing users to proxy traffic and test network speeds, and were targeted mostly for Chinese users such as foreign trade workers who need to test connectivity from different locations in the country.

The plugins, which were first uploaded to the store back in 2017, even came with a price tag - a monthly subscription costing anywhere between $1 ...