Do you have one of these 17 browser extensions? They could be tracking your browsing history.

Blogs Technology
Posté 2026-01-23 20:02:44
0
2KB

GhostPoster: 17 malware browser extensions you should delete ASAP

You might have a dangerous browser extension monitoring your browser history and not even know it.

As the good folks at Lifehacker reported, cybersecurity researchers with LayerX identified 17 malicious browser extensions across Chrome, Firefox, and Edge, with some active for up to five years. (Disclosure: Lifehacker is owned by Ziff Davis, the same parent company as Mashable.) These malware-infected browser extensions are part of the GhostPoster campaign, first identified in December by Koi Security.

The Koi Security researchers originally identified 17 malicious browser add-ons, for a total of 34 dangerous extensions. The extensions are no longer available, but if you've already downloaded them, they remain active and must be manually deleted as soon as possible.

As Koi Security found, the extensions hide "a multi-stage malware payload that monitors everything you browse, strips away your browser's security protections, and opens a backdoor for remote code execution." LaxerX further reports that the malware can weaken websites’ security measures, hijack affiliate traffic, inject iframes and scripts that track users, and inject malicious scripts onto a user’s device.

Mashable Light Speed

Here's the full list of extensions, via LayerX and Lifehacker:

  • Google Translate in Right Click

  • Translate Selected Text with Google

  • Ads Block Ultimate

  • Floating Player – PiP Mode

  • Convert Everything

  • Youtube Download

  • One Key Translate

  • AdBlocker

  • Save Image to Pinterest on Right Click

  • Instagram Downloader

  • RSS Feed

  • Cool Cursor

  • Full Page Screenshot

  • Amazon Price History

  • Color Enhancer

  • Translate Selected Text with Right Click

  • Page Screenshot Clipper

Some of these were quite popular extensions. Google Translate in Right Click, for instance, had more than half a million installs, according to LayerX researchers.

The malware in the extensions is known as GhostPoster, which hides malicious code in the extension's PNG logo. The researchers say the malware campaign relied on sophisticated methods that let it evade detection for years. So if you've downloaded any of these extensions, it's best to delete them right away.

Read more about the GhostPoster campaign at Lifehacker.

Connectez-vous pour aimer, partager et commenter!
Rechercher
Catégories
Lire la suite
Technology
Beats Powerbeats Fit are down to their lowest-ever price at Amazon — act fast to save over $30
Best Beats deal: Save $30.04 on Beats Powerbeats Fit...
Par Test Blogger7 2026-04-08 13:00:14 0 539
Technology
MacBook Neo review: I think Apples going to sell millions of these
MacBook Neo review: I think Apple's next big hit is here...
Par Test Blogger7 2026-03-10 14:00:22 0 979
Jeux
Warhammer 40k Space Marine 2 releases four trailers to show off the new Techmarine, and all my dreams have come true
Warhammer 40k Space Marine 2 releases four trailers to show off the new Techmarine, and all my...
Par Test Blogger6 2026-01-28 06:01:46 0 2KB
Jeux
Grimdark roguelike Hordes of Hunger hits 1.0, infusing Megabonk's horde survival with the fundamentals of Dark Souls
Grimdark roguelike Hordes of Hunger hits 1.0, infusing Megabonk's horde survival with the...
Par Test Blogger6 2026-02-13 18:00:13 0 1KB
Jeux
Battlefield 6's next challenger is Wardogs, a new 100-player FPS inspired by a chaotic, three-way Arma 3 mod
Battlefield 6's next challenger is Wardogs, a new 100-player FPS inspired by a chaotic, three-way...
Par Test Blogger6 2026-02-05 16:00:14 0 2KB
© 2026 Sngine-YND French
English Arabic French Spanish Portuguese Deutsch Turkish Dutch Italiano Russian Romaian Portuguese (Brazil) Greek
Environ Conditions générale de vente Confidentialité Contactez nous Annuaire