• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
Trending:
  • Kashmir
  • Elections
Wednesday, July 8, 2026

Daily Times

Your right to know

  • HOME
  • Latest
  • Iran-Israel war
  • Gilgit Baltistan Election
  • Pakistan
    • Balochistan
    • Gilgit Baltistan
    • Khyber Pakhtunkhwa
    • Punjab
    • Sindh
  • World
  • Editorials & Opinions
    • Editorials
    • Op-Eds
    • Commentary / Insight
    • Perspectives
    • Cartoons
    • Letters to the Editor
    • Featured
    • Blogs
      • Pakistan
      • World
      • Lifestyle
      • Culture
      • Sports
  • Business
  • Sports
  • E-PAPER
    • Lahore
    • Islamabad
    • Karachi

Over 1.7 million users at risk from malicious chrome extensions

Published on: July 9, 2025 3:34 PM

Security researchers have discovered 11 malicious Google Chrome extensions that have collectively been downloaded over 1.7 million times. These extensions, available on the Chrome Web Store, are capable of tracking user activity and redirecting them to dangerous websites. The threat was first identified by cybersecurity experts at Koi Security and reported by Bleeping Computer.

The malicious extensions disguised themselves as popular tools such as VPNs, emoji keyboards, and sound boosters. With positive user reviews and prominent listings, many users installed them without suspicion. However, the extensions were later updated with harmful code, turning once-safe tools into security risks. Some have been removed by Google, but others are still available for download.

According to Koi Security, the issue lies in the background service workers of these extensions. When users visit new web pages, these service workers quietly capture the URLs and send them to a remote server. Each user is assigned a unique tracking ID, and the server could potentially redirect them to unsafe websites, increasing the risk of cyberattacks.

While no active redirection has been confirmed so far, the silent addition of malicious code through Google’s auto-update system is worrying. Users were not notified or asked for permission when these updates were installed, suggesting a possible compromise by external actors. A similar issue has been found on Microsoft Edge, where malicious extensions were downloaded over 600,000 times.

This large-scale browser hijacking campaign has now affected more than 2.3 million users across Chrome and Edge. Koi Security strongly advises users to uninstall the listed extensions immediately, clear their browsing data, and run malware scans. Users should also stay alert for unusual account activity or unauthorized access.

Some of the harmful Chrome extensions include:

  • Color Picker, Eyedropper — Geco colorpick
  • Emoji Keyboard Online — Copy&paste your emoji
  • Volume Max — Ultimate Sound Booster
  • Unlock Discord — VPN Proxy
  • Unblock TikTok
  • Dark Theme — Dark Reader
    Removing these tools is crucial to protect personal data and online security, especially as new threats continue to emerge.

Filed Under: Trending, World Tagged With: cybersecurity experts at Koi Security and reported by Bleeping Computer, Latest, Over 1.7 million users at risk from malicious chrome extensions, Security researchers have discovered 11 malicious Google Chrome extensions

Submit a Comment




Primary Sidebar




Latest News

Argentina stage stunning late comeback to see off Egypt, reach quarter-finals

Fast bowlers must have aggressive mindset to take wickets, says coach Iftikhar

Sinner and Gauff make it to Wimbledon semi-finals

Spain win it late to bid farewell to Ronaldo at World Cup

Greaves bats West Indies back into 2nd test against Sri Lanka on day 4

Pakistan

Nine policemen martyred in Ziarat attack, 15 terrorists killed in clearance operation

ANP leader’s brother shot dead in Bajaur; one killed in Bannu quadcopter attack

PM Shehbaz vows to eliminate terrorism

Pakistan, Kyrgyzstan agree to bolster trade, investment ties

Imran, wife’s lawyers given last chance for arguments in £190m case appeals

More Posts from this Category

Business

Govt plans first dollar-settled rupee bonds, more Sukuk, Eurobond issues

IT minister reaffirms commitment to global digital cooperation

Rupee almost remains stable against dollar

Gold prices fall by Rs 2,500 per tola

Over 75 KP businessmen participate in Tashkent investment conference

More Posts from this Category

World

Qatar slams ‘Iranian attack’ as ships hit in Hormuz flare-up

NATO unveils billions in arms deals as Trump again demands Greenland

US sanctions on Türkiye

Trump Announces End of US Sanctions on Türkiye, Signals Approval for F-35 Sale

More Posts from this Category




Footer

Home
Lead Stories
Latest News
Editor’s Picks

Culture
Life & Style
Featured
Videos

Editorials
OP-EDS
Commentary
Advertise

Cartoons
Letters
Blogs
Privacy Policy

Contact
Company’s Financials
Investor Information
Terms & Conditions

Facebook
Twitter
Instagram
Youtube

© 2026 Daily Times. All rights reserved.

Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}