Home World USA Latin America Europe Asia Africa TV Shows Showbiz Travel Lifestyle Opinion Science Politics Health Sports Tech Entertainment Business
Entertainment January 22, 2026

YOUR BROWSER IS A NIGHTMARE: 17 Extensions EXPOSED!

YOUR BROWSER IS A NIGHTMARE: 17 Extensions EXPOSED!

A silent invasion has been underway for years, lurking within the seemingly harmless world of browser extensions. Researchers have uncovered a widespread campaign, dubbed GhostPoster, that has compromised the privacy of hundreds of thousands of users across Chrome, Firefox, and Edge.

The insidious nature of this threat lies in its stealth. Malicious code wasn’t hidden in complex program files, but cleverly concealed *within* the image files – the very logos – of popular extensions. This allowed the malware to remain undetected for as long as five years, quietly observing and manipulating user activity.

The initial discovery in December revealed 17 malicious Firefox add-ons, but the scope of the problem is far greater. LayerX researchers have since identified another 17 compromised extensions spanning multiple browsers, collectively installed over 840,000 times. This isn’t a targeted attack; it’s a broad net cast across the internet.

GhostPoster began its campaign on Microsoft Edge before expanding to Chrome and Firefox. Among the compromised extensions are familiar names like “Google Translate in Right Click Translate Selected Text with GoogleAds” – boasting over 522,000 installs – and “AdBlocker,” highlighting the danger of trusting even seemingly essential tools.

The sophistication of GhostPoster is unsettling. The malware doesn’t immediately activate, delaying its operation by 48 hours to evade initial detection. It also carefully controls when it communicates with its command servers, operating only under specific conditions, making it incredibly difficult to track.

Once active, the extensions wield a disturbing level of control. They can hijack affiliate links, diverting commissions to the attackers, and subtly weaken security protocols by manipulating HTTP headers. They’re capable of bypassing CAPTCHA challenges and injecting malicious code for click fraud and relentless user tracking.

While the malware doesn’t appear to steal passwords or engage in phishing scams, its impact on privacy and online security is significant. The constant monitoring and manipulation of browsing activity represent a serious breach of trust.

Though the malicious extensions have been removed from official browser stores, the danger isn’t over. Any user who previously installed these extensions remains vulnerable until they are manually removed. Immediate action is crucial to protect your online privacy.

This campaign serves as a stark reminder: the digital world is filled with hidden threats. Vigilance and a critical eye towards even the most trusted tools are essential in safeguarding your online experience.

Share this article

UMVA MAG

UMVA Mag is your trusted source for breaking news, in-depth analysis, and compelling stories from around the world. Covering politics, business, technology, entertainment, sports, health, science, and more — we deliver journalism that matters.

Independent, Accurate, Unbiased
24/7 Breaking News Coverage
Trusted by Millions Worldwide