Hundreds of Thousands at Risk: Security Experts Flag 17 Chrome and Edge Extensions as Potential Spyware
Browser extensions often make life easier online — blocking ads, translating text instantly, or downloading videos with a single click. But a new cybersecurity warning suggests some of these helpful tools could actually be putting users in danger.
A recent report from cybersecurity firm LayerX has identified 17 browser extensions across Chrome, Edge, and Firefox that allegedly pose serious security risks. According to the firm, these add-ons may secretly track users, run hidden code, and potentially expose sensitive information — all while appearing harmless.
What’s particularly alarming is the scale of exposure. The extensions have reportedly been downloaded more than 840,000 times, with some remaining active on official app stores for over five years without detection.
Because these tools were listed on trusted marketplaces like the Chrome Web Store, many users likely installed them without suspecting any risk.
Chrome And Edge Extension Dangerous Threat: What We Know
LayerX says the extensions managed to bypass multiple security checks and operated quietly in the background. Many of them offered everyday features such as video downloading, price tracking, screenshots, and instant translation — exactly the kind of utilities people rely on regularly.
The report says, “Google Translate in Right Click", was the most downloaded extension at 500,000 installs from the app store.
Here’s the full list of extensions flagged by the firm:
- Page Screenshot Clipper
- Full Page Screenshot
- Convert Everything
- Translate Selected Text with Google
- Youtube Download
- RSS Feed
- Ads Block Ultimate
- AdBlocker
- Color Enhancer
- Floating Player – PiP Mode
- One Key Translate
- Cool Cursor
- Google Translate in Right Click
- Translate Selected Text with Right Click
- Amazon Price History
- Save Image to Pinterest on Right Click
- Instagram Downloader
How These Extensions Could Harm Users
Security analysts explain that the malware used sophisticated methods to stay hidden. In some cases, harmful code was embedded inside images or links, making detection extremely difficult. Even more concerning, attackers could delay activation, meaning users might not notice suspicious behaviour until long after installation.
This stealth approach allows tracking, data harvesting, and potential system compromise to happen quietly in the background.
While Microsoft and Mozilla have since removed the extensions, the long-time span during which they were available means many users could already have been affected.
What Users Should Do Now
Experts recommend immediately reviewing installed extensions and removing anything unfamiliar or unnecessary. Even tools downloaded from official stores should be treated with caution.
Keeping extensions to a minimum, checking developer credibility, and regularly auditing permissions can significantly reduce risk.
The incident also raises broader concerns about how app stores vet browser add-ons and whether stronger checks are needed to protect users from similar threats in the future.
For now, a quick cleanup of your browser might be the simplest way to stay safe.