A campaign involving 16 malicious Chrome extensions infected over 3.2 million users worldwide, exploiting browser vulnerabilities for advertising fraud and SEO manipulation. Discovered by GitLab Threat Intelligence, these extensions stripped security protections, injected harmful payloads, and hijacked user sessions. Despite removal from the Chrome Web Store, risks remain for users who haven’t uninstalled them. Regular audits and cautious permission granting are advised.

Fake Maccy app spreads password-stealing malware – grafa.com
Fake Maccy app spreads password-stealing malware grafa.com


