Urgent Cybersecurity Alert for Business Leaders 

Over 30 Google Chrome Browser Extensions Have Been Compromised

A recent cyberattack has highlighted a serious threat that could affect your organization.

On January 1, 2025, a large phishing attack compromised over 30 popular Google Chrome  browser extensions, impacting over 2.6 million users.

These extensions, including AI, VPN and productivity tools, were injected with malicious code designed to steal sensitive data such as session tokens, cookies, and login credentials—particularly targeting business accounts with access to platforms like Facebook Ads.

The following apps have been confirmed to be compromised, though there may be more:

cybersecurity alert with red alert triangle
  • VPNCity
  • Parrot Talks
  • Uvoice
  • Internxt VPN
  • Bookmark Favicon Changer
  • Castorus
  • Wayin AI
  • Search Copilot AI Assistant for Chrome
  • VidHelper – Video Downloader
  • AI Assistant – ChatGPT and Gemini for Chrome
  • TinaMind
  • Bard AI chat
  • Reader Mode
  • Primus (prev. PADO)
  • Cyberhaven security extension V3
  • GraphQL Network Inspector
  • GPT 4 Summary with OpenAI
  • Vidnoz Flex – Video recorder & Video share
  • YesCaptcha assistant
  • Proxy SwitchyOmega (V3)
  • Tracker
  • AI Shop Buddy
  • Sort by Oldest
  • Rewards Search Automator
  • Earny
  • ChatGPT Assistant
  • Keyboard History Recorder
  • Email Hunter
  • ChatGPT App
  • Web Mirror
  • Hi AI

This breach underscores the increasing risks associated with browser extensions. Attackers exploited these tools to access critical business data, leaving companies vulnerable to account takeovers, financial losses, and reputational damage.

As attacks become more sophisticated, it’s essential for organizations to prioritize the security of their browser extensions and IT systems.

At MAXtech Agency, we specialize in protecting businesses from evolving cybersecurity threats. Here’s how we can help safeguard your organization:

  • Extension Security Review: We’ll audit your browser extensions to identify vulnerabilities and ensure they are safe to use.
  • Proactive Cybersecurity Measures: Implement advanced threat detection and monitoring to secure your IT environment against similar breaches.
  • Employee Awareness Training: Equip your team with the knowledge to recognize phishing attempts and other social engineering tactics that lead to these attacks.

Imagine having peace of mind knowing your business is protected from cyber threats. With MAXtech, you’ll not only mitigate risks but also strengthen your overall security posture. Our expert support ensures your data and accounts remain secure while minimizing disruptions to your operations.

Additionally, with Google’s upcoming transition to the Manifest V3 framework for Chrome extensions by June 2025, we can assist in updating or replacing extensions to ensure compliance with the latest security standards.

We’re Here to Help

Don’t let this transition catch your organization off guard—prepare now to avoid potential disruptions.

Let’s work together to secure your business against current and future threats. We’d be happy to schedule a quick call or meeting to discuss how MAXtech can help you stay protected. Just follow the button below, or call us at 614-401-8800.