152 Chrome extensions (105K installs) distributed adware and falsified traffic

Colleagues, a cybersecurity alert: we identified a network of 152 Chrome extensions (105K installs) distributing PUPs and falsifying traffic sources.
- Socket: 38 accounts and 3 backends; extensions covertly logged IP, ISP, clicks and forwarded data to ad partners.
- Embedded UTM tags and uninstall redirection via google.com/url simulated "organic" search.
- Code could iterate and delete IndexedDB when starting a service worker; campaign assessed as commercial adware and attribution fraud.
Why it matters: extensions evade review, undermining privacy and advertising transparency.
Have you encountered similar extensions?
#cybersecurity #browsersecurity #adware #Chrome


Latest comments
No comments yet.