"Cybersecurity researchers have discovered malicious Google Chrome extensions that come with capabilities to hijack affiliate links, steal data, and collect OpenAI ChatGPT authentication tokens. One of the extensions in question is Amazon Ads Blocker (ID: pnpchphmplpdimbllknjoiopmfphellj), which claims to be a tool to browse Amazon without any sponsored content. It was uploaded to the Chrome Web Store by a publisher named "10Xprofit" on January 19, 2026."
"Further analysis has determined that Amazon Ads Blocker is part of a larger cluster of 29 browser add-ons that target several e-commerce platforms like AliExpress, Amazon, Best Buy, Shein, Shopify, and Walmart. The complete list is as follows - AliExpress Invoice Generator (FREE) - AliInvoice™️ (10+ Templates) (ID: mabbblhhnmlckjbfppkopnccllieeocp) AliExpress Price Tracker - Price History & Alerts (ID: loiofaagnefbonjdjklhacdhfkolcfgi) AliExpress Quick Currency & Price Converter (ID: mcaglpclodnaiimhicpjemhcinjfnjce)"
Malicious Chrome extensions were found that hijack affiliate links, steal user data, and collect OpenAI ChatGPT authentication tokens. Amazon Ads Blocker (ID: pnpchphmplpdimbllknjoiopmfphellj) advertises ad blocking but injects the developer affiliate tag 10xprofit-20 into every Amazon product link and replaces existing content-creator affiliate codes. The extension cluster comprises 29 add-ons targeting AliExpress, Amazon, Best Buy, Shein, Shopify, and Walmart. Several add-ons include tools like price trackers, invoice generators, scrapers, and currency converters, many carrying unique IDs and the 10Xprofit branding. The behavior enables covert monetization and potential data exfiltration from infected browsers.
Read at The Hacker News
Unable to calculate read time
Collection
[
|
...
]