Follow ZDNET: Add us as a preferred source on Google.
ZDNET’s key takeaways
- Malicious browser extensions are a widespread problem.
- Even vetted extensions can be dangerous.
- Here’s what you should do to avoid issues.
Koi Security investigated a single malicious extension used as a color picker and found it had infected 2.3 million users on Chrome and Edge. Cybernews reported in 2024 that more than 350 million people downloaded insecure browsers during a two-year period.
Those two facts alone should have you rethinking your stance on browser extensions.
Back when I was working with an IT-managed support company, every time I ran into a computer that was running slowly or having issues, the first thing I would do was check if the user had installed browser extensions. Every time, the first type of extension I would look for was those that promised to offer users the best deals on various types of products. Those “coupon” extensions almost always caused problems.
Also: 5 browser extension rules to live by to keep your system safe in 2025
Malicious browser extensions are a widespread problem. This issue is so out of control, it’s made me rethink my use of extensions to the point that there’s only a single extension I use: Grammarly (and even then, I’m considering switching from the browser extension to a dedicated grammar checker used outside of the web browser).
The problem with browser extensions
The issue with browser extensions should be obvious: security.
Security Daily Review reported this year that more than 100 malicious Chrome extensions have been masquerading as tools for AI, VPNs, and crypto. Field Effect found 33 malicious Chrome extensions that had been installed by more than 2.6 million users. MSN posted an article stating that 245 browser extensions installed on nearly a million devices were silently disabling key security features in browsers.
Those numbers continue to grow and most likely will not slow down any time soon.
Ultimately, the problem boils down to security. That browser extension you installed could be leading a double life, and the hidden feature could be logging keystrokes and sending them to a third party. You could wind up installing an extension with a hidden ransomware payload.
Also: Malicious extensions can use ChatGPT to steal your personal data – here’s how
Most extensions are installed from a dedicated market for the browser you use. One might think those extensions have been fully vetted and safe, yet Bleeping Computer reported on August 7, 2025, that yet another malicious campaign, called GreedyBear, was found in 150 different extensions in the Mozilla add-on store.
Let me ask you this: Is that extension really worth the risk?
You see, malicious campaigns can be tucked away in the browser extension code or even ad networks that serve advertisements for the extension. All it takes is for you to install that extension and then, blamo, you’re in trouble.
Also: 5 great Chrome browser alternatives that put your privacy first
One big problem is that publishers of malicious extensions have become really good at injecting code into what looks like innocent browser apps. Or, even worse, they’ll add third-party branding to their extension to make it look like something you would normally trust.
Consider this: If you do a lot of online shopping, those malicious browser extensions could log your credit card information and either use or sell it.
How you can avoid malicious extensions
There are a few possible solutions here:
- Remove all browser extensions.
- Use only browser extensions from trusted sources.
- Check if a browser extension is safe.
Even if you use an extension from a trusted source, you never know if that extension is a rebranded malicious version or the original. For that reason, you should always go to the source site and follow links from there to the extension. At least that way you know you’re not installing a malicious extension masquerading as a trusted tool.
From my experience, it’s always better to be safe than sorry. Install one malicious extension and it’s game over.
Another option is to only install extensions from your browser’s add-on store that are verified. Verified extensions are generally more trustworthy than those that aren’t.
Again, better safe than sorry.
If there are extensions that you must use, consider taking advantage of this free tool that lets you know if an extension is safe, before you install it.
Another important piece of advice is to never install an extension from outside your browser’s web store. This is 100% an absolute no-no. If you find an extension you want to use and it’s only available outside the browser add-on store, do not install it. Period.
You can do an online search for “malicious browser extensions” and find a frightening number of results that point to a digital epidemic that shows no signs of slowing.
As much as I hate to say this, it’s becoming harder and harder to trust browser extensions, and my best advice is to avoid them completely. Yes, that might mean you lose a bit of convenience, but having to take a couple of extra steps to do something is worth it to keep your information and data safe.
Even if you use an OS that requires anti-malware/antivirus, those products aren’t always 100% reliable (especially at detecting malicious browser extensions). If those “anti” solutions were completely trustworthy, we wouldn’t be having this conversation. I’ve even reached the point where I won’t install extensions on Linux because you just never know. The same thing holds true for MacOS.
Also: I found the most private and secure way to browse the web -and it isn’t incognito mode
I know this sounds a bit apocalyptic, but the landscape of the internet has become a dangerous place, filled with all sorts of traps and pitfalls, and there’s no reason to make the job easier for malicious actors.
In the end, you’re simply safer if you remove those browser extensions, switch to a more secure browser, and browse wisely.
Leave a Reply