
Google Purges 108 Malicious Chrome Extensions Linked to Russian Cyberattack

Apr 17, 2026

Security Breach Details

Google recently removed 108 malicious extensions from the Chrome Web Store following a massive cyberattack originating from Russia. Security researchers discovered that these add-ons were designed to intercept sensitive user data and manipulate web traffic. The campaign targeted millions of users who downloaded the tools for productivity and customization purposes.

The malicious software functioned by masquerading as legitimate utilities. Once installed, the extensions gained permissions to read and change data on all visited websites. This allowed the attackers to capture login credentials, financial information, and private session tokens without triggering standard security alerts.

Technical Execution and Risks

The attackers employed sophisticated obfuscation techniques to bypass Google's automated security scans. By frequently updating the code, the developers kept the malware active for several months. The primary risks to affected users include:

Investigation into the source code revealed links to infrastructure previously associated with Russian cyber-espionage groups. While Google has disabled the extensions in the store, they may remain active on systems where they were already installed. Manual removal is necessary to fully secure compromised browsers.

Mitigation for Professionals

Administrators and individual developers should audit their browser environments immediately. Checking the chrome://extensions page allows users to identify and delete any unrecognized software. Security professionals recommend limiting extension permissions to specific sites rather than allowing global access.
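The audit described above can be scripted. The following is an added example, not code from the original article or from Google: it reads the manifest.json of each installed extension and reports those that request access to all sites. It assumes the on-disk layout Extensions/<extension id>/<version>/manifest.json and takes the path to that folder as an argument; the sample manifests are constructed.

```python
import json
import sys
from pathlib import Path

# Match patterns that grant access to every site the user visits.
BROAD_PATTERNS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

def broad_host_access(manifest: dict) -> list[str]:
    """Return the all-sites match patterns a manifest requests, sorted."""
    found = set()
    # Manifest V2 lists host patterns in "permissions"; V3 uses "host_permissions".
    for key in ("permissions", "host_permissions", "optional_host_permissions"):
        found.update(p for p in manifest.get(key, []) if isinstance(p, str) and p in BROAD_PATTERNS)
    # Content scripts injected into every page have the same reach.
    for script in manifest.get("content_scripts", []):
        found.update(m for m in script.get("matches", []) if isinstance(m, str) and m in BROAD_PATTERNS)
    return sorted(found)

def audit_profile(extensions_dir: Path) -> dict[str, list[str]]:
    """Map extension ID -> broad patterns, for <dir>/<id>/<version>/manifest.json."""
    report = {}
    for manifest_path in sorted(extensions_dir.glob("*/*/manifest.json")):
        try:
            manifest = json.loads(manifest_path.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            continue  # unreadable or malformed manifest: skip it, keep auditing
        if not isinstance(manifest, dict):
            continue
        hits = broad_host_access(manifest)
        if hits:
            ext_id = manifest_path.parent.parent.name
            report[ext_id] = sorted(set(report.get(ext_id, [])) | set(hits))
    return report

# Constructed sample manifests (not taken from any real extension).
SAMPLE_MV3_BROAD = {"manifest_version": 3, "name": "Sample tab tool",
                    "permissions": ["storage"], "host_permissions": ["<all_urls>"]}
SAMPLE_MV2_SCOPED = {"manifest_version": 2, "name": "Sample notes",
                     "permissions": ["storage", "https://notes.example/*"]}

if __name__ == "__main__":
    if len(sys.argv) > 1:  # path to a profile's Extensions folder
        for ext_id, patterns in audit_profile(Path(sys.argv[1])).items():
            print(f"{ext_id}: {', '.join(patterns)}")
    else:
        print(broad_host_access(SAMPLE_MV3_BROAD))
        print(broad_host_access(SAMPLE_MV2_SCOPED))
```

A flagged extension is not necessarily malicious; the report is a shortlist of add-ons whose global access should be justified, narrowed to specific sites, or removed.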

Enterprise environments should consider implementing group policies that whitelist only verified extensions. This centralized control prevents employees from inadvertently introducing high-risk code into the corporate network. Relying on built-in browser features instead of third-party add-ons reduces the attack surface significantly.

Monitor system logs for unusual outbound traffic to unknown domains associated with these identified threats.
