DarkSpectre Browser Extension Campaigns Exposed After Impacting 8.8 Million Users Worldwide

A Chinese threat actor known as DarkSpectre has launched multiple malicious browser extension campaigns affecting over 8.8 million users across Chrome, Edge, and Firefox for over seven years. These campaigns include data theft, affiliate fraud, and corporate espionage through sophisticated, long-term operations. #DarkSpectre #BrowserExtensions

Keypoints

DarkSpectre has been linked to three major campaigns targeting popular browsers.
The campaigns have affected over 8.8 million users worldwide, including enterprise users.
Extensions like ShadyPanda and GhostPoster focus on data theft, ad fraud, and hijacking affiliate links.
The Zoom Stealer campaign collects private meeting data for corporate espionage.
Infrastructures indicate Chinese origins, including Alibaba Cloud servers and Chinese-language code artifacts.

SHARE THIS STORY

WhatsApp X (Twitter)Telegram Bluesky Facebook LinkedIn Threads Email Print