Tuesday, May 6, 2025
HomeChromeMalicious EditThisCookie Extension Attacking Chrome Users to Steal Data

Malicious EditThisCookie Extension Attacking Chrome Users to Steal Data

Published on

SIEM as a Service

Follow Us on Google News

The popular cookie management extension EditThisCookie has been the target of a malicious impersonation. Originally a trusted tool for Chrome users, EditThisCookie allowed users to manage cookie data in their browsers.

However, after significant scrutiny, the legitimate version has been removed from the Chrome Web Store, leaving users vulnerable to a fake extension that has gained traction under the name EditThisCookie®.

The Rise of the Fake Extension

With over 3 million users and 11,000 ratings, the original EditThisCookie extension was a staple for users looking to manipulate their browser cookies. However, it has been replaced on the marketplace by a copycat extension that has now attracted over 50,000 users.

- Advertisement - Google News

Investigate Real-World Malicious Links, Malware & Phishing Attacks With ANY.RUN – Try for Free

This counterfeit version, initially known as EditThisCookies, has shown alarming signs of malicious behavior, as revealed by malware investigator Eric Parker in a recent YouTube analysis.

As per report by GHacks, Parker’s examination of the extension uncovered a series of concerning traits, including:

  • Fake Website: The malicious extension operates a fraudulent website designed to mislead users.
  • Obfuscated Code: To evade detection, the code within the extension is deliberately complicated and difficult to read.
  • Data Theft Mechanisms: Notably, the extension includes functionality aimed at stealing user information, particularly when accessing sites like Facebook.
  • Phishing Attempts: Users may be subject to phishing scams orchestrated through the extension.
  • Advertising Features: The extension also appears to contain code intended for serving advertisements.

While Parker did not find evidence indicating that session cookies were being directly exfiltrated, the presence of potentially harmful functionalities raises serious concerns for users.

Chrome users are urged to take immediate action to secure their browsers. To check for the malicious version of the extension, open the Chrome address bar and type chrome://extensions/ to view your installed extensions.

If you spot EditThisCookies or EditThisCookie®, it is crucial to remove it without delay. For those seeking a legitimate alternative, Cookie Editor has emerged as a recommended choice for cookie management.

The disappearance of the legitimate EditThisCookie extension remains enigmatic. Some experts speculate that it was removed due to its failure to comply with Chrome’s new Manifest V3 requirements, which may have left a gap for malicious copies to thrive.

History has shown that similar issues plagued the store in the past, where many fake versions of popular extensions like uBlock Origin flooded the marketplace.

Find this News Interesting! Follow us on Google NewsLinkedIn, and X to Get Instant Updates!

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

DragonForce Ransomware Targets Major UK Retailers, Including Harrods, Marks & Spencer, and Co-Op

Major UK retailers including Harrods, Marks and Spencer, and Co-Op are currently experiencing significant...

OpenAI Shifts For-Profit Branch to Public Benefit Corporation, Staying Under Nonprofit Oversight

Landmark organizational shift, OpenAI announced its transition from a capped-profit LLC to a Public...

Google’s NotebookLM Introduces Voice Summaries in Over 50 Languages

Google has significantly expanded the capabilities of NotebookLM, its AI-powered research tool, by introducing...

Android Security Update -A Critical RCE Vulnerability Actively Exploited in the Wild 

Google has released critical security patches for Android devices to address 57 vulnerabilities across...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

DragonForce Ransomware Targets Major UK Retailers, Including Harrods, Marks & Spencer, and Co-Op

Major UK retailers including Harrods, Marks and Spencer, and Co-Op are currently experiencing significant...

OpenAI Shifts For-Profit Branch to Public Benefit Corporation, Staying Under Nonprofit Oversight

Landmark organizational shift, OpenAI announced its transition from a capped-profit LLC to a Public...

Google’s NotebookLM Introduces Voice Summaries in Over 50 Languages

Google has significantly expanded the capabilities of NotebookLM, its AI-powered research tool, by introducing...