๐Ÿ•ท๏ธ
SetupAI
๐Ÿ‡จ๐Ÿ‡ณStalecollected in 46m

Chrome Extension Hijacked, 1M+ Users Hit by Malware

Chrome Extension Hijacked, 1M+ Users Hit by Malware
PostLinkedIn
๐Ÿ‡จ๐Ÿ‡ณRead original on cnBeta (Full RSS)
#extension-hijack#malware#browser-securitysave-image-as-type

๐Ÿ’กImage tool hijack threatens ML workflows using Chrome extensions

โšก 30-Second TL;DR

What Changed

Save Image as Type Chrome extension hijacked by hackers

Why It Matters

Exposes supply chain risks in browser extensions, urging users to audit tools used in development workflows. Could affect image processing pipelines in AI projects.

What To Do Next

Audit Chrome extensions via chrome://extensions/ and uninstall Save Image as Type immediately.

Who should care:Developers & AI Engineers

๐Ÿง  Deep Insight

Web-grounded analysis with 6 cited sources.

๐Ÿ”‘ Enhanced Key Takeaways

  • โ€ขThe malware in 'Save image as Type' injected affiliate links from 578 identifiable sites into users' clicks, stealing commissions from purchases.[3]
  • โ€ขExtension ownership changed in late 2025 from Image4Tools to 'Lauren Bridge', likely indicating a sale that preceded the malicious activity.[3]
  • โ€ขMicrosoft removed the Edge version of the extension in February 2025 after detecting malware, over a year before Google's action.[1][3][5]

๐Ÿ› ๏ธ Technical Deep Dive

  • โ€ขMalicious code located in inject.js file communicated with a remote server to compile a list of URLs and inject corresponding affiliate codes.[3]
  • โ€ขExtension modified affiliate links on sites like Amazon and Best Buy, similar to tactics used by the Honey extension in 2024.[2]

๐Ÿ”ฎ Future ImplicationsAI analysis grounded in cited sources

Google will implement stricter post-approval monitoring for extensions with ownership changes.
The extension operated maliciously for over a year after an ownership transfer in late 2025 and Edge removal, exposing gaps in Chrome Web Store oversight.[1][3]
Affiliate link hijacking incidents in extensions will increase by 20% in 2026.
This case mirrors the 2024 Honey scandal and involved 578 sites, incentivizing attackers to target high-user extensions for revenue theft.[2][3]

โณ Timeline

2024-12
Malicious network in extension documented, leading to Microsoft investigation.
2025-02
Microsoft removes Edge version (1.2.4) from Add-ons store after malware detection.
2025-12
Extension ownership transfers from Image4Tools to Lauren Bridge.
2026-03
User reports malware behavior like affiliate link hijacking two weeks before removal.
2026-03
Google disables and removes extension from Chrome Web Store.
๐Ÿ‡จ๐Ÿ‡ณRead original article on cnBeta (Full RSS)
๐Ÿ“ฐ

Weekly AI Recap

Read this week's curated digest of top AI events โ†’

๐Ÿ‘‰Related Updates

Same topic

Explore #extension-hijack

Same product

More on save-image-as-type

Same source

Latest from cnBeta (Full RSS)

NYC eVTOL Test: JFK to Manhattan in 10 Mins

NYC eVTOL Test: JFK to Manhattan in 10 Mins

cnBeta (Full RSS)โ€ขApr 28
DLR Morphing Wing First Drone Flight

DLR Morphing Wing First Drone Flight

cnBeta (Full RSS)โ€ขApr 28
NVIDIA Launches 12GB RTX 5070 Laptop GPU

NVIDIA Launches 12GB RTX 5070 Laptop GPU

cnBeta (Full RSS)โ€ขApr 28

AI-curated news aggregator. All content rights belong to original publishers.
Original source: cnBeta (Full RSS) โ†—