
Fake AI Assistant Extensions in Google Chrome Web Store Exfiltrate Credentials and Monitor Emails

2 unique sources, 2 articles

Summary


Over 260,000 Google Chrome users downloaded fake AI assistant extensions that steal login credentials, monitor emails, and enable remote access. Researchers at LayerX identified over 30 malicious extensions as part of a coordinated campaign called AiFrame. The extensions mimicked popular AI assistants like Claude AI, ChatGPT, Grok, and Google Gemini. The campaign used extension spraying to evade takedowns, directing users to remote infrastructure to avoid detection. The extensions exfiltrate data from Chrome and Gmail to attacker-controlled servers. LayerX warns that these extensions act as general-purpose access brokers, capable of harvesting data and monitoring user behavior. Many extensions have been removed from the Chrome Web Store, but users who downloaded them remain at risk. Additionally, cybersecurity researchers have discovered a malicious Google Chrome extension named CL Suite by @CLMasters (ID: jkphinfhmfkckkcnifhjiplhfoiefffl) that steals TOTP codes for Facebook and Meta Business accounts, Business Manager contact lists, and analytics data. The extension exfiltrates data to infrastructure controlled by the threat actor, including a backend at getauth[.]pro and a Telegram channel. The extension has 33 users as of writing and was first uploaded to the Chrome Web Store on March 1, 2025. About 500,000 VKontakte users have had their accounts silently hijacked through Chrome extensions masquerading as VK customization tools. The large-scale campaign has been codenamed VK Styles. The malware embedded in the extensions is designed to engage in active account manipulation by automatically subscribing users to the attacker's VK groups, resetting account settings every 30 days to override user preferences, manipulating CSRF tokens to bypass VK's security protections, and maintaining persistent control. The activity has been traced to a threat actor operating under the GitHub username 2vk, who has relied on VK's own social network to distribute malicious payloads and build a follower base through forced subscriptions. A report published by Q Continuum found a huge collection of 287 Chrome extensions that exfiltrate browsing history to data brokers. These extensions have 37.4 million installations, representing roughly 1% of the global Chrome userbase.

Timeline

  1. 13.02.2026 13:25 · 2 articles

    Fake AI Assistant Extensions in Google Chrome Web Store Exfiltrate Credentials and Monitor Emails

    Over 260,000 Google Chrome users downloaded fake AI assistant extensions that steal login credentials, monitor emails, and enable remote access. Researchers at LayerX identified over 30 malicious extensions as part of a coordinated campaign called AiFrame. The extensions mimicked popular AI assistants like Claude AI, ChatGPT, Grok, and Google Gemini. The campaign used extension spraying to evade takedowns, directing users to remote infrastructure to avoid detection. The extensions exfiltrate data from Chrome and Gmail to attacker-controlled servers. LayerX warns that these extensions act as general-purpose access brokers, capable of harvesting data and monitoring user behavior. Many extensions have been removed from the Chrome Web Store, but users who downloaded them remain at risk. The extensions render a full-screen iframe overlay pointing to a remote domain ("claude.tapnetic[.]pro"), allowing the attackers to remotely introduce new capabilities without requiring a Chrome Web Store update. When instructed by the iframe, the add-ons query the active browser tab and invoke a content script to extract readable article content using Mozilla's Readability library. The malware also supports the capability to start speech recognition and exfiltrate the resulting transcript to the remote page. A smaller set of the extensions contain functionality to specifically target Gmail by reading visible email content directly from the document object model (DOM) when a victim visits mail.google[.]com. When Gmail-related features such as AI-assisted replies or summaries are invoked, the extracted email content is passed into the extension's logic and transmitted to third-party backend infrastructure controlled by the extension operator.

  2. 13.02.2026 13:25 · 1 article

    Malicious Chrome Extension CL Suite Steals TOTP Codes and Business Data

    The extension CL Suite by @CLMasters (ID: jkphinfhmfkckkcnifhjiplhfoiefffl) steals TOTP codes for Facebook and Meta Business accounts, Business Manager contact lists, and analytics data. It exfiltrates data to infrastructure controlled by the threat actor, including a backend at getauth[.]pro and a Telegram channel. The extension has 33 users as of writing and was first uploaded to the Chrome Web Store on March 1, 2025. It does not steal password-related information but can still be used to gain unauthorized access to victims' accounts. It targets users of Meta Business Suite and Facebook Business Manager, collecting and exfiltrating data without users' knowledge or consent, and gives the threat actor enough information to identify high-value targets and mount follow-on attacks. The case shows how a narrow browser extension can repackage data scraping as a 'tool' for Meta Business Suite and Facebook Business Manager: it is purpose-built to scrape high-value Meta surfaces, collecting contact lists, access metadata, and 2FA material straight from authenticated pages.

  3. 13.02.2026 13:25 · 1 article

    VK Styles Campaign Hijacks 500,000 VKontakte Accounts via Malicious Chrome Extensions

    About 500,000 VKontakte users have had their accounts silently hijacked through Chrome extensions masquerading as VK customization tools. The large-scale campaign has been codenamed VK Styles. The malware embedded in the extensions is designed to engage in active account manipulation by automatically subscribing users to the attacker's VK groups, resetting account settings every 30 days to override user preferences, manipulating CSRF tokens to bypass VK's security protections, and maintaining persistent control. The activity has been traced to a threat actor operating under the GitHub username 2vk, who has relied on VK's own social network to distribute malicious payloads and build a follower base through forced subscriptions. The names of the extensions are VK Styles - Themes for vk.com (ID: ceibjdigmfbbgcpkkdpmjokkokklodmc), VK Music - audio saver (ID: mflibpdjoodmoppignjhciadahapkoch), Music Downloader - VKsaver (ID: lgakkahjfibfgmacigibnhcgepajgfdb), vksaver - music saver vk (ID: bndkfmmbidllaiccmpnbdonijmicaafn), and VKfeed - Download Music and Video from VK (ID: pcdgkgbadeggbnodegejccjffnoakcoh). The campaign has been active since at least June 22, 2025, when the initial version of the payload was pushed to the "-" repository. The repository associated with the VK Styles campaign is still accessible as of writing, with the file, simply named "C," receiving a total of 17 commits between June 2025 and January 2026. The repository shows deliberate refinement, indicating that the malware is a maintained software project with version control, testing, and iterative improvements. The campaign has primarily affected Russian-speaking users, who are VK's main demographic, as well as users across Eastern Europe, Central Asia, and Russian diaspora communities globally.

  4. 13.02.2026 13:25 · 1 article

    287 Chrome Extensions Exfiltrate Browsing History to Data Brokers

    A report published by Q Continuum found a huge collection of 287 Chrome extensions that exfiltrate browsing history to data brokers. These extensions have 37.4 million installations, representing roughly 1% of the global Chrome userbase.

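The extension IDs named in the CL Suite and VK Styles entries above, together with the Gmail host scoping described for AiFrame, can be turned into a quick audit of a Chrome profile's unpacked extensions. This is an added example, not code from the page's sources; the known-bad IDs come from the page, while the sample manifests and the two placeholder IDs (`aaaa…`, `bbbb…`) are constructed for the demo.

```python
import json
import tempfile
from pathlib import Path

# Extension IDs named on this page (CL Suite and the five VK Styles extensions).
KNOWN_BAD_IDS = {
    "jkphinfhmfkckkcnifhjiplhfoiefffl": "CL Suite by @CLMasters",
    "ceibjdigmfbbgcpkkdpmjokkokklodmc": "VK Styles - Themes for vk.com",
    "mflibpdjoodmoppignjhciadahapkoch": "VK Music - audio saver",
    "lgakkahjfibfgmacigibnhcgepajgfdb": "Music Downloader - VKsaver",
    "bndkfmmbidllaiccmpnbdonijmicaafn": "vksaver - music saver vk",
    "pcdgkgbadeggbnodegejccjffnoakcoh": "VKfeed - Download Music and Video from VK",
}
# Host patterns worth a second look given these campaigns (substring heuristic).
WATCH_HOSTS = ("mail.google.com", "vk.com", "<all_urls>", "*://*/*")

def manifest_hosts(manifest):
    """Collect every host pattern an MV2/MV3 manifest requests."""
    hosts = [p for key in ("permissions", "host_permissions")
             for p in manifest.get(key, []) if "://" in p or p == "<all_urls>"]
    for cs in manifest.get("content_scripts", []):
        hosts += cs.get("matches", [])
    return hosts

def audit_extensions(ext_root):
    """Walk <root>/<id>/<version>/manifest.json; one finding per manifest per rule."""
    findings = []
    for manifest_path in sorted(Path(ext_root).glob("*/*/manifest.json")):
        ext_id = manifest_path.parts[-3]
        manifest = json.loads(manifest_path.read_text(encoding="utf-8"))
        if ext_id in KNOWN_BAD_IDS:
            findings.append((ext_id, "known-bad", KNOWN_BAD_IDS[ext_id]))
        suspect = [h for h in manifest_hosts(manifest)
                   if any(w in h for w in WATCH_HOSTS)]
        if suspect:
            findings.append((ext_id, "sensitive-hosts", ", ".join(suspect)))
    return findings

def demo():
    """Constructed sample profile (not real data): benign, known-bad, Gmail scraper."""
    root = Path(tempfile.mkdtemp())
    samples = {
        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa": {"host_permissions": ["https://example.com/*"]},
        "jkphinfhmfkckkcnifhjiplhfoiefffl": {"permissions": ["storage"]},
        "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb": {"content_scripts": [{"matches": ["https://mail.google.com/*"]}]},
    }
    for ext_id, manifest in samples.items():
        (root / ext_id / "1.0_0").mkdir(parents=True)
        (root / ext_id / "1.0_0" / "manifest.json").write_text(json.dumps(manifest))
    return audit_extensions(root)
```

On a real machine, point `audit_extensions` at the profile's Extensions directory (for example `~/.config/google-chrome/Default/Extensions` on Linux); a "sensitive-hosts" hit is a prompt to review the extension, not proof of malice.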

Similar Happenings

Malicious Chrome Extensions Hijack Affiliate Links and Steal ChatGPT Tokens

Researchers have discovered malicious Google Chrome extensions that hijack affiliate links, steal data, and exfiltrate OpenAI ChatGPT authentication tokens. The extensions, including Amazon Ads Blocker and others, inject developer affiliate tags into e-commerce links, replacing existing affiliate codes. Additionally, a network of extensions targets ChatGPT users, intercepting authentication tokens to gain unauthorized access to accounts. The extensions violate Chrome Web Store policies and exploit user trust to execute malicious activities. The findings highlight the growing threat of malicious browser extensions, which can serve as lucrative attack vectors for adversaries.

Malicious Chrome Extension Targets MEXC API Keys via Telegram Exfiltration

A malicious Chrome extension named MEXC API Automator, masquerading as a trading automation tool, steals MEXC API keys by creating new keys with withdrawal permissions, hiding the permissions in the UI, and exfiltrating the keys to a Telegram bot. The extension remains active as long as the keys are valid, allowing attackers to control MEXC accounts, execute trades, and perform automated withdrawals. The threat actor leverages the Chrome Web Store for delivery, the MEXC web UI for execution, and Telegram for exfiltration. The extension has 29 downloads and is still available on the Chrome Web Store. The attacker's identity is unknown, but references point to a Telegram bot named SwapSushiBot promoted on TikTok and YouTube.

DarkSpectre Campaigns Target 8.8 Million Users with Malicious Browser Extensions

A Chinese threat actor, DarkSpectre, has been linked to three malicious browser extension campaigns—ShadyPanda, GhostPoster, and The Zoom Stealer—which have collectively impacted 8.8 million users across Google Chrome, Microsoft Edge, and Mozilla Firefox over seven years. The campaigns facilitate data theft, search query hijacking, affiliate fraud, and corporate espionage by exfiltrating meeting-related data from video conferencing platforms. Additionally, five new malicious Chrome extensions impersonating HR and ERP platforms have been discovered, targeting Workday, NetSuite, and SAP SuccessFactors to hijack accounts. These extensions steal authentication tokens, block incident response capabilities, and enable complete account takeover through session hijacking. The extensions, some of which were recently taken down, used delayed activation and benign updates to evade detection and build trust before deploying malicious functionality. The extensions were designed to look polished and professional, with some claiming to contain security features to prevent account compromise. They engaged in a range of actions to take control of accounts, including extracting authentication cookies and uploading them to a command and control (C2) server every 60 seconds. The extensions prevented passwords from being changed to help ensure stolen access tokens remained valid indefinitely and prevented security teams from locking out compromised accounts during remediation. Administrators attempting to disable an affected user's account encountered a blank page and redirect loop. Socket recommended that organizations implement Chrome Enterprise extension allowlists to prevent installation of unauthorized extensions and monitor for extensions targeting the same enterprise platforms with similar permission requests.

Malicious Browser Extensions Target Meta Business Accounts

Cybersecurity researchers have identified two campaigns using fake browser extensions to hijack Meta Business accounts. The extensions, disguised as legitimate tools for Facebook and Instagram verification and ad optimization, steal session cookies and credentials. The attackers target Meta advertisers to sell hijacked accounts on underground forums or repurpose them for further malicious activities. The campaigns are linked to Vietnamese-speaking threat actors and exploit legitimate cloud services and the Chrome Web Store. The first campaign involves fake 'Meta Verified' extensions named SocialMetrics Pro, distributed via malicious ads and fake websites. The second campaign uses rogue Chrome extensions disguised as AI-powered ad optimization tools, including Madgicx Plus and Meta Ads SuperTool. Both campaigns aim to steal sensitive data and compromise Meta Business accounts.

GPUGate Malware Campaign Targets IT Firms in Western Europe

The **GPUGate malware campaign** continues to evolve, now leveraging **Claude AI artifacts and Google Ads** to distribute **MacSync and AMOS infostealers** via **ClickFix attacks**. Over **15,600 users** have accessed malicious Claude-generated guides, which instruct victims to execute Terminal commands fetching malware payloads. This follows earlier waves abusing **ChatGPT/Grok chats, fake GitHub repositories, and malvertising** to deploy stealers targeting credentials, crypto wallets, and system data. The campaign, active since **April 2023**, has expanded from traditional phishing to **abusing AI ecosystems, supply-chain weaknesses, and trusted platforms** (e.g., Homebrew, LogMeIn, AI assistants). Russian-speaking actors operate **AMOS as a Malware-as-a-Service (MaaS)**, with stolen logs sold in underground markets to fuel fraud, ransomware, and account takeovers. The latest **Claude artifact abuse** underscores the shift toward **high-impact, scalable distribution channels**, exploiting weak platform vetting and user trust in AI-generated content. Organizations should monitor for **suspicious Terminal activity, C2 traffic to domains like `a2abotnet[.]com`, and unauthorized data egress** while educating users on **ClickFix-style lures** and unverified AI tool instructions.