Skip to main content

These malicious Chrome extensions have more than 1 million users — delete them now

and image of the Google Chrome logo on a laptop
(Image credit: Shutterstock)

The best Google Chrome extensions can add useful functionality to the popular web browser, but they can also be used to spread malware and threaten your cybersecurity. And a recent report (opens in new tab) from security firm McAfee has identified four extensions that promise to boost your browser but in return are actually stealing your data. 

The malicious browser extensions identified by McAfee are Netflix Party (and its successor Netflix Party 2), Full Page Screenshot Capture — Screenshotting and AutoBuy Flash Sale. Combined, they have over 1 million downloads, with the first Netflix Party having more than 800,000 installs alone.

These extensions do provide the core functionality promised, but according to McAfee they also inject unwanted code into your browser. If you have any of the four installed, the extension will check to see if it can inject an affiliate revenue code every time you navigate to a new web page, allowing the creators of the extension to profit off your online purchasing, without your consent. McAfee has released a video further detailing how this process works, which you can watch below. 

To Google’s credit, it takes a hardline stance against these malicious add-ons and has already removed both Netflix Party extensions from its Chrome Web Store. However, the others are still live and available to download. Furthermore, even if an extension is removed from the Chrome store, users who have previously downloaded the extension still need to take action. You’ll need to manually remove the extensions from your browser to fully protect yourself and ensure your online security isn’t being breached. 

Earlier this month, cybersecurity experts Kaspersky estimated that more than 1.3 million users have been affected by malicious browser extensions in just the first half of 2022 alone. In fact, from January 2020 to June 2022, Kaspersky discovered that more than 4.3 million users had adware hiding in their browser extensions. And while Google is constantly removing offending extensions, new ones continue to pop up at an alarming rate.

How to protect yourself from malicious browser extensions  

In order to protect yourself and your data from browser extension threats, Kaspersky first recommends that you only use trusted sources to download software. Malware and other unwanted applications are often distributed through third-party resources, as they don’t have the same security checks in place that official web stores do.

Even when downloading a browser extension from a trusted source, you should still carefully consider any access requests before agreeing to them. As the five examples above prove, even reputable webstores can play host to extensions with sinister intentions.   

At the same time, it’s also worth limiting the number of extensions you use and periodically reviewing which extensions you have installed in your browser. McAfee has previously identified extensions that initially appear fine, but after a set period of time begin harvesting your data. So, make sure you’re constantly checking what permissions extensions are seeking. 

Finally, you should have one of the best antivirus software solutions installed on all of your devices, as they can flag malicious extensions and warn you that they should be removed before your data falls into the wrong hands. 

Read next: Still using an iPhone 6? Upgrade now to fix this hacking risk.

Rory Mellon
Deals Editor

Rory is a Deals Editor at Tom’s Guide based in the UK. He covers a wide range of topics but with a particular focus on deals, gaming and streaming. When he’s not scouring retailers for PS5 restock or writing hot takes on the latest gaming hardware and streaming shows, he can be found attending music festivals and being thoroughly disappointed by his terrible football team.