Happy New Year 2025 to all our members and visitors! Our Forum is Now Back Online After Some Critical Upgrade- We Apologize for the inaccessibility Period! Thank You all. CORONAVIRUS safety tips from Admin! 1. Watch your hands with running water 2. Dont cough in your hands 3. Keep distance from people 4. Stay indoor if neccessary!! Stay safe !!! Dear Members,Do you know that naijacrux is fully programmed to serve you better, Do you know that you can share your favorite post on naijacrux with friends on twitter,facebook, googleplus,myspace and many more! To share post on naijacrux with friends and family on twitter, facebook,googleplus,myspace,and many more, scroll to the down page of the post, Click on the Social Icon You Want To Share On To Share.


Author Topic: These 108 Malicious Chrome Extensions Are Stealing Google and Telegram Data  (Read 33 times)

0 Members and 1 Guest are viewing this topic.

Offline Nairaland

  • Global Moderator
  • Sr. Member
  • *****
  • Posts: 405
  • Karma: +0/-0
Advertisement
These 108 Malicious Chrome Extensions Are Stealing Google and Telegram Data

If you use Google Chrome, listen up: You may be running malicious extensions without even knowing it. As reported by The Hacker News, cybersecurity researchers with Socket's Threat Research Team have identified 108 extensions available in Google Chrome that steal login credentials, user IDs, and browsing data. All 108 extensions route that information back to servers controlled by a single operator, despite these extensions being published by five different developers (GameGen, InterAlt, Rodeo Games, SideGames, and Yana Project). These extensions collectively have around 20,000 installations, which isn't a massive pool of targets considering Chrome's 3.62 billion users, but is still a concern given the number of extensions involved in this coordinated scheme.

Socket's team identified that there are some key categories these extensions are published under: Telegram sidebar clients, which display a working Telegram chat interface in the browser; slot machine and Keno games, which offer a playable gambling experience; YouTube and TikTok "enhancers;" page utility extensions; and one text translation tool. All extensions appear to offer the services advertised in the Chrome Web Store, all the while running malicious programs under the surface.

Users who install the Telegram client may get a functioning chat experience, but underneath, the extension is stealing that user's Telegram Web sessions every 15 seconds, which leaks all messages, contacts, and linked accounts. 54 of the extensions steal your Google account identity when you click the "sign-in" option, which leaks your email, name, and profile picture to the operator. (Notably, the scheme does not grant the operator access to your Google account.) Forty-five of the extensions have a backdoor that can open any URL the operator wants in your browser. Seventy-eight of the extensions can inject HTML code into your browser. Five extensions can remove YouTube and TikTok security measure in order to inject gambling ads and overlays onto the sites. And when you sign up for the text translation tool, it sends your email and full name to the server, as well as anything you translate with the extension.

How to protect yourself from these malicious extensions

The first thing you should do is check to see whether you have any of these extensions running in your browser. Some of the more popular extensions identified here include "Telegram Multi-account," "Black Beard Slot Machine," "Page Locker," and "InterAlt," but you can find a complete list of the extensions, including their Chrome Extension IDs, on Socket's report here.

If you used Telegram Multi-account, Socket recommends logging out of all Telegram Web sessions using the Telegram app. You can find the option from Settings > Devices > Terminate all other sessions. If you signed into any of these extensions with your Google account, assume your identity was exposed, and review your third-party app permissions here. Unfortunately, if you used Text Translation with your email, your name and email address were exposed.

Going forward, exercise extreme caution before installing new extensions in your browser. While the Chrome Web Store should only contain "safe" extensions, malicious programs find their way onto the marketplace. Always carefully review each listing before installing the extension: If the extension requires sensitive information, lacks many reviews, or the listing is poorly constructed, it's best to avoid it entirely. 


Source: These 108 Malicious Chrome Extensions Are Stealing Google and Telegram Data


 

 

Google's Pixel 10a Isn't Much of an Upgrade From the Pixel 9a

Started by Nairaland

Replies: 0
Views: 237
Last post February 26, 2026, 07:36:12 PM
by Nairaland
Google Messages Will Soon Let You Delete Messages for Everyone

Started by Nairaland

Replies: 0
Views: 2900
Last post May 10, 2025, 12:22:16 PM
by Nairaland
What to Expect From Made by Google 2025: Pixel 10, Pixel 10 Pro Fold, Pixel Watch 4 and More

Started by Nairaland

Replies: 0
Views: 1092
Last post August 26, 2025, 05:31:16 PM
by Nairaland
Google No Longer Supports Android 12 or Android 12L

Started by Nairaland

Replies: 0
Views: 3275
Last post April 18, 2025, 02:25:06 PM
by Nairaland
Google's Pixel 9a Misses Out on a Couple of Pixel AI Features

Started by Nairaland

Replies: 0
Views: 2799
Last post March 28, 2025, 10:23:23 PM
by Nairaland