How many Chrome extensions were caught spying on users in 2026?

287 extensions were found exfiltrating browsing history from 37.4 million users, published in February 2026 by security researcher Q Continuum.

What data were the malicious Chrome extensions collecting?

Full browsing history, search engine results URLs, referrers, user IDs, timestamps, and in some cases Google and Telegram session data.

Why didn't Chrome Web Store catch these spying extensions?

The exfiltration was obfuscated using base64, ROT47, LZ-String compression, and AES-256 encryption. Google's automated review did not decode the payloads.

How can I tell if a Chrome extension is spying on my browsing?

There is no built-in Chrome tool to audit outbound requests from extensions. Third-party tools like Extension Guard can flag risky permissions but do not monitor live traffic.

Which companies were behind the spying Chrome extensions?

Known actors include Similarweb, Curly Doggo, Offidocs, and an entity called Big Star Labs, plus several unidentified Chinese data brokers.

← Back to dashboard

clawsmith.com/signal/287-chrome-extensions-spying-37m-users-browsing-data

⚠ IssueUnderservedbrowser_extensionLive

287 Chrome Extensions Caught Spying on 37 Million Users

A February 2026 security researcher investigation found 287 Chrome extensions exfiltrating users' full browsing history to third parties including Similarweb, Curly Doggo, and unknown data brokers. These extensions have 37.4 million installs and used base64, ROT47, and AES-256 obfuscation to hide the exfiltration. Chrome Web Store's review process failed to catch any of them.

Product Idea from this Signal

A browser extension that detects when other installed extensions are secretly sending your browsing data to third parties

679 ▲

Hundreds of Chrome extensions silently exfiltrate browsing history, form data, and AI chat logs to data brokers after gaining user trust over months or years. Existing tools like Guardio rely on reputation blocklists and can't catch newly-turned-malicious extensions or supply-chain-compromised ones that have clean histories. This tool runs local behavioral runtime analysis on every installed extension, flagging real outbound data exfiltration as it happens rather than matching against a database of known-bad signatures.

browser-securityprivacychrome-extensionruntime-analysissupply-chaindata-exfiltration

Competitive134 leadsView Opportunity →

Score Breakdown

679

Social Proof 1 sources

Chrome extensions spying on users browsing data

qcontinuum1 · 2/11/2026

679

Existing Solutions 2 competitors

Extension GuardListed on chrome-stats.com; small user base

Cross-browser extension risk monitoring using Chrome-Stats data; flags risky permissions.

GuardioEstablished; millions of users

AI-driven threat protection extension that blocks malicious sites and monitors browsing.

Gap Assessment

UnderservedExisting solutions leave gaps

Extension Guard and Guardio exist but neither automatically flags exfiltration from already-installed extensions with 37M+ users at risk; no mainstream tool audits all installed extensions at runtime.

Frequently Asked Questions

Virality Score

679

across 0 platforms

Details

Signalissue

Ecosystembrowser_extension

Sources1

Platforms0

Updated2h ago

Trend→ stable

Top ideas

All ideas →

0A web app that shows indie mobile developers exactly why their app is or isn't getting organic App Store discovery 0A web app that lets API and SaaS builders charge sub-dollar per-request fees without hitting Stripe minimums 0A mobile app that replaces Mint with free bank sync, automatic categorization, and spending alerts

Related signals

All signals →

595Chrome Manifest V3 Killed uBlock Origin for 50M Users