Over 100 Chrome extensions caught stealing user data; 20,000 affected

Cybersecurity researchers have uncovered a campaign involving 108 Chrome extensions that stole user identities, hijacked Telegram sessions and injected malicious code into web pages. All extensions routed stolen data to servers controlled by the same operator, security firm Socket said. The extensions have collectively amassed around 20,000 installs on the Chrome Web Store.