Security researchers from Koi Security discovered almost two dozen Chrome and Edge browser add-ons spying on users by tracking visited sites and communicating with a third-party server.
The campaign named Operation RedDirection identified 18 add-ons compromising 2.3 million users, including VPNs, site unblockers, weather forecast add-ons, and emoji add-ons.
The add-ons, initially clean and functional, were likely hijacked at some point, leading to data privacy breaches. Although some were removed, many are still available through third-party stores.
To stay safe, users are advised to remove suspicious add-ons, clear browsing data, run antivirus scans, change passwords, and be cautious of unexpected communications and links.