What are the malicious Chrome extension IDs?

Socket published the full list in their report — search 'Socket Chrome extensions campaign' and match against your installs.

How do I check for malicious Chrome extensions?

Go to chrome://extensions/, scan for matches from Socket's list, uninstall immediately. Revoke any suspicious app permissions in myaccount.google.com.

Will Google remove these malicious extensions?

They've been notified but many are still live. Check back regularly; pressure via social helps.

🕳️ Vulnerabilities & CVEs

[Alert] 100+ Malicious Chrome Extensions Steal Accounts

More than 100 malicious Chrome extensions are lurking in the official Web Store, swiping OAuth tokens and hijacking sessions. Google's response? Crickets so far.

CVE Watch Apr 16, 2026 3 min read 11 views

Malicious Chrome extensions icons targeting user data in Web Store

⚡ Key Takeaways

Over 100 malicious Chrome extensions use shared C2 to steal OAuth tokens, hijack sessions, and run backdoors. 𝕏
Russian MaaS likely behind it, with code comments and Contabo VPS as evidence. 𝕏
Extensions still live in Web Store despite notification; users must self-audit. 𝕏

Written by

Ibrahim Samil Ceyisakar

Founder and Editor in Chief. Technology entrepreneur tracking AI, digital business, and global market trends.

#Google security #MaaS #chrome-extensions #malware #oauth-theft

Worth sharing?

Get the best Cybersecurity stories of the week in your inbox — no noise, no spam.

Originally reported by Bleeping Computer

⚡ Key Takeaways

The 60-Second TL;DR

Ibrahim Samil Ceyisakar

Share this article

Worth sharing?

Related Stories

Venom Stealer: The Malware That Turns One-Time Heists into Endless Data Streams

Sednit Reloaded: Old Code, New Tricks [Ukraine]

Google's Rush to Post-Quantum Crypto by 2029: Prudent or Panic?

Hack Recovery: Act Fast or Lose It

Stay in the loop