Hundreds of Chrome extensions harvest Google tokens and Telegram sessions

April 15, 2026 at 11:02 AM

•

1 min read

Hundreds of Chrome extensions harvest Google tokens and Telegram sessions — Photo: BleepingComputer

TL;DR Summary

Security researchers found over 100 malicious Chrome Web Store extensions from five publishers that steal Google OAuth2 Bearer tokens, harvest account data, hijack Telegram Web sessions, and run backdoors via a centralized C2; the campaign, likely a Russian MaaS operation, remains active in the store, and Google has been notified—users should uninstall any matching extensions.

Topics:top-news #chrome-extension #malware #oauth2 #technology #telegram-web #token-theft

Share this article

Over 100 Chrome Web Store extensions steal user accounts, data BleepingComputer
108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users The Hacker News
108 malicious Chrome extensions found stealing data and injecting ads into every page you visit — delete them right now Tom's Guide
Google Attack Warning—Chrome Hackers Target Gmail And YouTube Users Forbes
These 4 Chrome extensions started clean, then turned into malware How-To Geek

Reading Insights

Total Reads

Unique Readers

Time Saved

3 min

vs 4 min read

Condensed

93%

745 → 55 words

Want the full story? Read the original article

Read on BleepingComputer

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights