Friday, May 23, 2025
HomeChromeMalicious EditThisCookie Extension Attacking Chrome Users to Steal Data

Malicious EditThisCookie Extension Attacking Chrome Users to Steal Data

Published on

SIEM as a Service

Follow Us on Google News

The popular cookie management extension EditThisCookie has been the target of a malicious impersonation. Originally a trusted tool for Chrome users, EditThisCookie allowed users to manage cookie data in their browsers.

However, after significant scrutiny, the legitimate version has been removed from the Chrome Web Store, leaving users vulnerable to a fake extension that has gained traction under the name EditThisCookie®.

The Rise of the Fake Extension

With over 3 million users and 11,000 ratings, the original EditThisCookie extension was a staple for users looking to manipulate their browser cookies. However, it has been replaced on the marketplace by a copycat extension that has now attracted over 50,000 users.

- Advertisement - Google News

Investigate Real-World Malicious Links, Malware & Phishing Attacks With ANY.RUN – Try for Free

This counterfeit version, initially known as EditThisCookies, has shown alarming signs of malicious behavior, as revealed by malware investigator Eric Parker in a recent YouTube analysis.

As per report by GHacks, Parker’s examination of the extension uncovered a series of concerning traits, including:

  • Fake Website: The malicious extension operates a fraudulent website designed to mislead users.
  • Obfuscated Code: To evade detection, the code within the extension is deliberately complicated and difficult to read.
  • Data Theft Mechanisms: Notably, the extension includes functionality aimed at stealing user information, particularly when accessing sites like Facebook.
  • Phishing Attempts: Users may be subject to phishing scams orchestrated through the extension.
  • Advertising Features: The extension also appears to contain code intended for serving advertisements.

While Parker did not find evidence indicating that session cookies were being directly exfiltrated, the presence of potentially harmful functionalities raises serious concerns for users.

Chrome users are urged to take immediate action to secure their browsers. To check for the malicious version of the extension, open the Chrome address bar and type chrome://extensions/ to view your installed extensions.

If you spot EditThisCookies or EditThisCookie®, it is crucial to remove it without delay. For those seeking a legitimate alternative, Cookie Editor has emerged as a recommended choice for cookie management.

The disappearance of the legitimate EditThisCookie extension remains enigmatic. Some experts speculate that it was removed due to its failure to comply with Chrome’s new Manifest V3 requirements, which may have left a gap for malicious copies to thrive.

History has shown that similar issues plagued the store in the past, where many fake versions of popular extensions like uBlock Origin flooded the marketplace.

Find this News Interesting! Follow us on Google NewsLinkedIn, and X to Get Instant Updates!

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Zero-Trust Policy Bypass Enables Exploitation of Vulnerabilities and Manipulation of NHI Secrets

A new project has exposed a critical attack vector that exploits protocol vulnerabilities to...

Threat Actor Sells Burger King Backup System RCE Vulnerability for $4,000

A threat actor known as #LongNight has reportedly put up for sale remote code...

Chinese Nexus Hackers Exploit Ivanti Endpoint Manager Mobile Vulnerability

Ivanti disclosed two critical vulnerabilities, identified as CVE-2025-4427 and CVE-2025-4428, affecting Ivanti Endpoint Manager...

Hackers Target macOS Users with Fake Ledger Apps to Deploy Malware

Hackers are increasingly targeting macOS users with malicious clones of Ledger Live, the popular...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Zero-Trust Policy Bypass Enables Exploitation of Vulnerabilities and Manipulation of NHI Secrets

A new project has exposed a critical attack vector that exploits protocol vulnerabilities to...

Threat Actor Sells Burger King Backup System RCE Vulnerability for $4,000

A threat actor known as #LongNight has reportedly put up for sale remote code...

Chinese Nexus Hackers Exploit Ivanti Endpoint Manager Mobile Vulnerability

Ivanti disclosed two critical vulnerabilities, identified as CVE-2025-4427 and CVE-2025-4428, affecting Ivanti Endpoint Manager...