“Dormant Colors”: Live Campaign With Over 1M Data Stealing Extensions Installed


Oct 23



“Dormant Colors” is yet another vast campaign of malicious extensions with millions of active installations worldwide, this time with a color-related theme and deception at every link in the chain. It starts with a deceptive malvertising campaign, continues with a crafty, novel way to side-load the real malicious code without anyone noticing (until now!), and ends with stealing not only your searches and browsing data but also affiliation to 10,000 targeted sites. That capability is easily leveraged for targeted spear phishing, account takeover and credential extraction, all using this powerful network of millions of infected computers worldwide!

The Dormant Colors Extensions Catalogue

By mid-October 2022, at least 30 variants of this extension were part of the campaign, for both Chrome and Edge, freely available in the relevant stores:

Some of the extension variants and application icons used

A “Dormant-Colors” extension live
