Article Details

Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access. Cybersecurity researchers have discovered malicious Google Chrome extensions that come with capabilities to hijack affiliate links, steal data, and collect OpenAI ChatGPT authentication tokens. One of the extensions in question is Amazon Ads Blocker (ID: pnpchphmplpdimbllknjoiopmfphellj), which claims to be a tool to browse Amazon without any sponsored content. It was uploaded to the Chrome Web Store by a publisher named "10Xprofit" on January 19, 2026. "The extension does block ads as advertised, but its primary function is hidden: it automatically injects the developer's affiliate tag (10xprofit-20) into every Amazon product link and replaces existing affiliate codes from content creators," Socket security researcher Kush Pandya said. Further analysis has determined that Amazon Ads Blocker is part of a larger cluster of 29 browser add-ons that target several e-commerce platforms like AliExpress, Amazon, Best Buy, Shein, Shopify, and Walmart. The complete list is as follows - While "Amazon Ads Blocker" offers the advertised functionality, it also embeds malicious code that scans all Amazon product URL patterns for any affiliate tag without requiring any user interaction, and replaces it with "10xprofit-20" (or "_c3pFXV63" for AliExpress). In cases where there are no tags, the attacker's tag is appended to each URL. Socket also noted that the extension listing page on the Chrome Web Store makes misleading disclosures, claiming that the developers earn a "small commission" every time a user makes use of a coupon code to make a purchase. Affiliate links are widely used across social media and websites. They refer to URLs containing a specific ID that enables tracking of traffic and sales to a particular marketer. When a user clicks this link to buy the product, the affiliate earns a cut of the sale. Due to the extensions searching for existing tags and replacing them, social media content creators who share Amazon product links with their own affiliate tags lose commissions when users who have installed the add-on click those links. This amounts to a violation of Chrome Web Store policies, as they require extensions using affiliate links to accurately divulge how the program works, require user action before each injection, and never replace existing affiliate codes. "The disclosure describes a coupon/deal extension with user-triggered reveals. The actual product is an ad blocker with automatic link modification," Pandya explained. "This mismatch between disclosure and implementation creates false consent." "The extension also violates the Single Purpose policy by combining two unrelated functions (ad blocking and affiliate injection) that should be separate extensions." The identified extensions have also been found to scrape product data and exfiltrate it to "app.10xprofit[.]io," with those focusing on AliExpress serving bogus "LIMITED TIME DEAL" countdown timers on product pages to create a false sense of urgency and rush them into making purchases so as to earn commissions on affiliate links. "Extensions that combine unrelated functionality (ad blocking, price comparison, coupon finding) with affiliate injection should be treated as high-risk, particularly those with disclosures that don't match the actual code behavior," Socket said. The disclosure comes as Broadcom-owned Symantec flagged four different extensions that have a combined user base exceeding 100,000 users and are designed to steal data - "While browser extensions can provide a wide range of handy tools to help us achieve more online, much care needs to be taken when choosing to install them, even when installing from trusted sources," researchers Yuanjing Guo and Tommy Dong said. Rounding off the list of malicious extensions is another network of 16 add-ons (15 on the Chrome Web Store and one on the Microsoft Edge Add-ons marketplace) that are designed to intercept and steal ChatGPT authentication tokens by injecting a content script into chatgpt[.]com. Cumulatively, the extensions were downloaded about 900 times, according to LayerX. The extensions are assessed to be part of a coordinated campaign due to overlaps in source code, icons, branding, and descriptions - With artificial intelligence (AI)-related extensions becoming increasingly common in enterprise workflows, the development highlights an emerging attack surface where threat actors weaponize the trust associated with popular AI brands to deceive users into installing them. Because such tools often require elevated execution context within the browser and have access to sensitive data, seemingly harmless extensions can become a lucrative attack vector, permitting adversaries to obtain persistent access without the need for exploiting security flaws or resorting to other methods that may trigger security alarms. "Possession of such tokens provides account-level access equivalent to that of the user, including access to conversation history and metadata," security researcher Natalie Zargarov said. "As a result, attackers can replicate the users' access credentials to ChatGPT and impersonate them, allowing them to access all of the user's ChatGPT conversations, data, or code." Browsers Become a Lucrative Attack Vector The findings also coincide with the emergence of a new malware-as-a-service toolkit called Stanley that's being peddled on a Russian cybercrime forum for between $2,000 and $6,000, and allows crooks to generate malicious Chrome browser extensions that can be used to serve phishing pages within an HTML iframe element while still showing the legitimate URL in the address bar. Customers of the tool gain access to a C2 panel for managing victims, configuring spoofed redirects, and sending fake browser notifications. Those who are willing to spend $6,000 get a guarantee that any extension they create using the kit will pass Google's vetting process for the Chrome Web Store. These extensions take the form of innocuous note-taking utilities to fly under the radar. But their malicious behavior is activated when the user navigates to a website of interest to the attacker, such as a bank, at which point a full-screen iframe containing the phishing page is overlaid, while leaving the browser's URL bar intact. This visual deception creates a defensive blind spot that can dupe even vigilant users into entering their credentials or sensitive information on the page. As of January 27, 2025, the service appears to have vanished – likely prompted by the public disclosure – but it's very much possible that it can resurface under a different name in the future. "Stanley provides a turnkey website-spoofing operation disguised as a Chrome extension, with its premium tier promising guaranteed publication on the Chrome Web Store," Varonis researcher Daniel Kelley noted earlier this week. "BYOD policies, SaaS-first environments, and remote work have made the browser the new endpoint. Attackers have noticed. Malicious browser extensions are now a primary attack vector."