Malicious Browser Extensions
Malicious browser extensions masquerading as legitimate tools across Chrome, Firefox, Edge, and Opera. Deployment vectors, evasion techniques, and marketplace bypass methods.
-
DarkSpectre Browser Extension Campaigns Expose 8.8 Million Users to Corporate Espionage
DarkSpectre is a Chinese threat actor operating three browser extension campaigns infecting 8.8 million users across Chrome, Edge, and Firefox. ShadyPanda (5.6M users) executes mass surveillance and affiliate fraud. GhostPoster (1.05M) delivers steganographic payloads. The Zoom Stealer (2.2M) monitors 28+ video conferencing platforms, exfiltrating meeting URLs, participant lists, speaker identities, and company data in real-time.…