Security Research Reveals: Chrome Extensions Marketed as Privacy Protection Tools While Spying on You

Google Chrome

Warning.. Simple Chrome Extensions Selling Your Privacy Without Your Knowledge

Recent security research has revealed that some Chrome browser extensions, which at first glance appear simple and harmless, engage in dangerous activities that violate user privacy. This paradox raises concerns about the level of security within the official Chrome Web Store.

According to researchers at the cybersecurity firm Symantec, extensions offering popular services such as customizing the new tab page, parental controls, or improving search results, have been found to be spying on users, stealing clipboard content, and impersonating trusted brands—all without the user's knowledge.

From Helpful Tools to Hidden Threats

The study revealed that a number of these extensions, some with over 100,000 users, engage in behaviors unrelated to their advertised function. One example is an extension called Good Tab, which markets itself as a tool for customizing the new tab with weather and news, but in the background, it grants an external website the ability to read and write everything the user copies, including passwords or cryptocurrency wallet addresses, without any apparent warning.

Identity Impersonation and User Deception

One of the most serious cases researchers discovered was an extension called DPS Websafe, which claimed to provide ad-free search results, but in reality, it hijacked searches and tracked user activity. To gain trust, the extension used icons and visual cues similar to Adblock Plus, a popular and trusted tool, before rerouting searches through its own servers, thus opening the door to commercial tracking and manipulation of results.

Security Tools Turned into Spyware

Another extension, called Children Protection, which markets itself as a parental control tool, was found to be able to collect cookies and use them to hijack sessions, as well as execute code sent from external servers—practices typically associated with malware.

The Stock Informer extension, which appears to be a tool for tracking stocks and currencies, was found by the study to redirect searches for profit and to contain a security vulnerability that could allow attackers to execute malicious code within the browser.

Official Store, But Not Completely Secure

Remarkably, according to the researchers, all of these extensions passed Google's review process and were available through the official Chrome Web Store. Although some were later removed, others remain available. The message from experts is clear: an extension that appears useful or trustworthy is not necessarily secure.

With every permission you grant your browser, you may be unknowingly handing over your personal data to a third party. Therefore, experts advise users to minimize the number of extensions installed, carefully review permissions, and not trust any tool simply because it's available in the official Chrome Web Store.