alt Hacker NewsShow HN: Daily-updated database of malicious browser extensions
Hey HN, I built an automated system that tracks malicious Chrome/Edge extensions daily.
The database updates automatically by monitoring chrome-stats for removed extensions and scanning security blogs. Currently tracking 1000+ known malicious extensions with extension IDs, names, and dates.
I'm working on detection tools (GUI + CLI) to scan locally installed extensions against this database, but wanted to share the raw data first since maintained threat intelligence lists like this are hard to find.
The automation runs 24/7 and pushes updates to GitHub. Free to use for research, integration into security tools, or whatever you need.
Happy to answer questions about the scraping approach or data collection methods.
Comments
Super cool, I hope this gets the attention it deserves!
Super cool. Brave support by any chance? Using Linux, it found my Chrome, but thats not my primary browser.
Could Firefox extensions be included?
Nice work. One thing I've noticed with locally checking extensions against threat lists is that the verification process itself can become a target. Stateless, deterministic verification — where hashes or IDs are derived on-device and never stored centrally — reduces risk of supply chain or server-side compromise. It’s a subtle design point, but it can prevent a malicious actor from using the verification system itself to exfiltrate data.