Research Reveals 287 Chrome Extensions Spy on 37 Million Users Through Data Collection
By
qcontinuum1
3mo ago· 16 min readenInsight
100/100
Golden Brown
Bagelometer↗
An everything bagel for the brain. Substantive, layered, well-seasoned.
Score100TypeanalysisSentimentnegative
Summary
A 2025 investigation reveals that 287 Chrome extensions with 37 million users are secretly spying on users by collecting and exfiltrating browsing data. The research builds on previous studies from 2017-2018 that documented malicious browser extensions, and develops a scalable method to detect data leakage in the wild. The study highlights the ongoing security risks in the Chrome Web Store despite Google's security measures, with many popular extensions engaging in covert surveillance of user activities.
Key quotes
· 5 pulledFast forward to 2025: Chrome Store now hosts roughly 240k extensions, many of them with hundreds of thousands of users.
We knew that we needed a scalable, repeatable method to measure whether an extension was actually leaking data in the wild.
It was shown in the past that chrome extensions are used to...
In 2018, R. Heaton showed that the popular 'Stylish' theme manager was silently sending browsing URLs to a remote server.
Those past reports caught our eye and motivated us to dig into this issue.
Summary
