Show HN: Daily-updated database of malicious browser extensions (github.com)
Hey HN, I built an automated system that tracks malicious Chrome/Edge extensions daily.
The database updates automatically by monitoring chrome-stats for removed extensions and scanning security blogs. Currently tracking 1000+ known malicious extensions with extension IDs, names, and dates.
I'm working on detection tools (GUI + CLI) to scan locally installed extensions against this database, but wanted to share the raw data first since maintained threat intelligence lists like this are hard to find.
The automation runs 24/7 and pushes updates to GitHub. Free to use for research, integration into security tools, or whatever you need.
Happy to answer questions about the scraping approach or data collection methods.
7 comments
[ 337 ms ] story [ 1222 ms ] threadFor example, only v4.00 of Bookmark Favicon Changer was compromised. Earlier and later versions are clean.
https://www.elastic.co/blog/how-to-detect-malicious-browser-...