PROBABLYPWNED
Malware | February 14, 2026 | 4 min read

Malicious Chrome Extensions Target Meta Business, VK, AI Tools

Researchers expose three Chrome extension campaigns stealing Meta Business Suite exports, VK accounts, and AI chatbot conversations from over 760,000 users.

James Rivera

Security researchers have exposed three distinct malicious Chrome extension campaigns collectively affecting more than 760,000 users. The extensions target Meta Business Suite credentials, VKontakte accounts, and AI chatbot conversations—each with different operators and exfiltration methods.

These discoveries follow our coverage of Chrome extensions stealing ChatGPT and DeepSeek conversations last month. Browser extension malware continues to evade both platform review processes and enterprise security controls.

CL Suite: Meta Business Data Theft

The first campaign involves a single extension called "CL Suite by @CLMasters" (ID: jkphinfhmfkckkcnifhjiplhfoiefffl) marketed as a Meta Business Suite productivity tool.

The extension claims to offer:

  • Meta Business Suite data scraping
  • Verification popup removal
  • Two-factor authentication code generation

What it actually does is exfiltrate sensitive data to attacker infrastructure at getauth[.]pro and a Telegram notification API. Stolen data includes:

  • TOTP seeds and one-time codes for Facebook/Meta accounts
  • Business Manager "People" CSV exports (names, emails, roles, permissions)
  • Business Manager analytics data
  • Attached ad accounts and billing configuration
  • Connected pages and assets

The extension's privacy policy falsely claims that 2FA secrets remain local. With only 33 current installs, the impact is limited, but the techniques could scale.

VK Styles: 500,000 VKontakte Users Compromised

A more prolific campaign targets Russia's VKontakte social network through multiple extensions:

  • VK Styles - Themes for vk.com
  • VK Music - audio saver
  • Music Downloader - VKsaver
  • vksaver - music saver vk
  • VKfeed - Download Music and Video from VK

These extensions silently hijack user accounts, auto-subscribe victims to attacker-controlled VK groups, and reset account settings every 30 days to maintain persistence. They manipulate CSRF tokens to bypass VK's security controls.

The operator uses a dead drop resolver technique—malicious payload URLs are retrieved from a VK profile's HTML metadata tags (profile: vk[.]com/m0nda). This allows the attacker to update malware URLs without pushing extension updates. The approach is similar to supply chain attacks targeting VSCode extensions we covered previously.

Approximately 500,000 VKontakte users have been affected since the campaign began in June 2025.

AiFrame: 260,000 Users via Fake AI Assistants

The largest campaign exploits interest in AI tools. More than 32 extensions impersonate ChatGPT, Gemini, DeepSeek, and other AI services:

AI Assistant, Llama, Gemini AI Sidebar, AI Sidebar, ChatGPT Sidebar, Grok, Chat Bot GPT, Chat With Gemini, XAI, Google Gemini, Ask Gemini, AI Letter Generator, AI Translator, AI Image Generator Chat GPT, DeepSeek Download, DeepSeek Chat, and others.

Rather than providing AI functionality, these extensions embed full-screen iframes pointing to remote domains (claude.tapnetic[.]pro) controlled by the attackers. They act as privileged proxies to sensitive browser capabilities.

When invoked on mail.google.com, the extensions extract visible email content directly from the DOM and transmit it outside Gmail's security boundary. They also capture speech recognition transcripts and readable article content from any page.

Combined installations exceed 260,000 users.

Browsing History Exfiltration at Scale

Separately, researchers identified 287 Chrome extensions with 37.4 million total installations that exfiltrate browsing history to data brokers including Similarweb and Alexa. This represents approximately 1% of global Chrome users.

Detection and Response

For organizations managing Chrome deployments:

  1. Audit installed extensions against the extension ID and names listed above
  2. Review enterprise extension policies and whitelist only approved extensions
  3. Monitor for extension permissions requesting access to all URLs
  4. Check for iframe-based UIs that obscure extension behavior
  5. Deploy browser telemetry to catch unexpected data exfiltration

Individual users should review installed extensions in chrome://extensions and remove anything they don't recognize or actively use.
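As an added example (not from the article or the researchers' tooling), the following Python script automates steps 1 and 3 of the list above: it walks a Chrome profile's `Extensions` directory, flags the one extension ID the article names, and flags manifests that request access to all URLs or to Gmail, the two capabilities the campaigns abused. The sample manifests and the placeholder IDs made of repeated letters are constructed for the demonstration.

```python
import json
from pathlib import Path
# The one extension ID the article names (CL Suite); extend from your own intel.
KNOWN_BAD_IDS = {"jkphinfhmfkckkcnifhjiplhfoiefffl"}
# Match patterns that grant access to every site the user visits.
ALL_URL_PATTERNS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

def collect_hosts(manifest):
    """Gather every host match pattern an extension asks for (MV2 and MV3)."""
    hosts = set(manifest.get("host_permissions", []))            # MV3
    hosts |= {p for p in manifest.get("permissions", [])         # MV2
              if "://" in p or p == "<all_urls>"}
    for script in manifest.get("content_scripts", []):           # injected JS
        hosts |= set(script.get("matches", []))
    return hosts

def audit_manifest(ext_id, manifest):
    """Return findings for one extension; an empty list means nothing flagged."""
    findings = []
    if ext_id in KNOWN_BAD_IDS:
        findings.append("known malicious extension ID")
    hosts = collect_hosts(manifest)
    if hosts & ALL_URL_PATTERNS:
        findings.append("requests access to all URLs")
    if any("mail.google.com" in h for h in hosts):
        findings.append("runs on or has host access to Gmail")
    return findings

def audit_profile(profile_dir):
    """Audit every <profile>/Extensions/<id>/<version>/manifest.json on disk."""
    results = {}
    for path in Path(profile_dir, "Extensions").glob("*/*/manifest.json"):
        ext_id = path.parent.parent.name
        with open(path, encoding="utf-8") as fh:
            results[ext_id] = audit_manifest(ext_id, json.load(fh))
    return results
# Constructed sample manifests, not taken from any real extension.
SAMPLE_MANIFESTS = {
    "jkphinfhmfkckkcnifhjiplhfoiefffl": {"manifest_version": 3,
        "host_permissions": ["https://business.facebook.com/*"]},
    "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa": {"manifest_version": 3,
        "content_scripts": [{"matches": ["<all_urls>"], "js": ["c.js"]}]},
    "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb": {"manifest_version": 2,
        "permissions": ["storage", "https://mail.google.com/*"]},
}

if __name__ == "__main__":
    for ext_id, manifest in SAMPLE_MANIFESTS.items():
        print(ext_id, audit_manifest(ext_id, manifest) or ["nothing flagged"])
```

Point `audit_profile()` at a real profile directory (for example `~/.config/google-chrome/Default` on Linux) to audit live installs; a hit on a broad host pattern is a triage signal, not proof of malice, since many legitimate extensions request it.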

Why This Matters

Browser extensions occupy a privileged position in the browser security model. They can read page content, intercept requests, and access local storage—often across all sites a user visits. Platform review processes have repeatedly failed to catch malicious extensions before publication.

The Meta Business Suite targeting is particularly concerning for organizations using Facebook advertising. Compromised business accounts can be used for ad fraud, credential theft from page followers, or reputation attacks. This follows a broader pattern of infostealer campaigns targeting enterprise credentials.

For users of AI tools, the fake assistant extensions demonstrate how attackers exploit trending technologies. If you're seeking AI functionality in your browser, install only from verified publishers with substantial review histories.
