GhostPoster Malicious Browser Extensions: The Silent Spies Watching You for 5 Years
Researchers have identified 34 malicious browser extensions in the GhostPoster campaign that have been active for up to 5 years. Check the list and delete them now.
They've been watching you for five years, and you likely never noticed. According to reports from Lifehacker and cybersecurity firms, researchers have identified a massive malware campaign involving 34 dangerous extensions across Google Chrome, Firefox, and Edge.
The GhostPoster Malicious Browser Extensions Campaign Uncovered
Cybersecurity researchers at LayerX and Koi Security revealed that these malware-infected add-ons are part of the 'GhostPoster' campaign. First identified in late 2025, the malware hides its payload within the extension's PNG logo, allowing it to evade traditional security detection for years.
The threat is far from minor. These extensions monitor your browsing history, strip away security protections, and can even execute remote code on your device. One particularly popular extension, 'Google Translate in Right Click,' reportedly garnered over 500,000 installs before being flagged.
High-Risk Extensions You Must Delete Manually
While these extensions have been removed from official web stores, they remain active on your computer if previously installed. The list includes everyday tools like Ads Block Ultimate, Youtube Download, Instagram Downloader, and Amazon Price History. Experts urge users to check their extension settings immediately and remove any matching names to prevent further data theft or system compromise.
This content is AI-generated based on source articles. While we strive for accuracy, errors may occur. We recommend verifying with the original source.
Share your thoughts on this article
Sign in to join the conversation
Related Articles
A new Instagram password reset scam is targeting users following a 17.5M account leak. Learn how to identify fake emails and protect your account today.
The CISSP exam is notoriously difficult, but preparation doesn't have to be expensive. A training bundle with 8 courses is on sale for $24.97 (reg. $424) until Dec. 21.
Catch the 2026 Australian Open Djokovic vs. Van de Zandschulp match for free. Learn how to use a VPN to access 9Now's free stream from anywhere in the world.
Watch the 2026 Australian Open match between Swiatek and Kalinskaya for free. Learn how to use a VPN to access 9Now and stream from anywhere.
A new Instagram password reset scam is targeting users following a 17.5M account leak. Learn how to identify fake emails and protect your account today.
The CISSP exam is notoriously difficult, but preparation doesn't have to be expensive. A training bundle with 8 courses is on sale for $24.97 (reg. $424) until Dec. 21.
Catch the 2026 Australian Open Djokovic vs. Van de Zandschulp match for free. Learn how to use a VPN to access 9Now's free stream from anywhere in the world.
Watch the 2026 Australian Open match between Swiatek and Kalinskaya for free. Learn how to use a VPN to access 9Now and stream from anywhere.
Thoughts