A brand new malware-as-a-service (MaaS) package referred to as “Stanley” is providing customers assured publication within the Chrome Net Retailer, bypassing Google’s safety verification course of, in keeping with researchers at Varonis.
“For $2,000 to $6,000, Stanley supplies a turnkey website-spoofing operation disguised as a Chrome extension, with its premium tier promising assured publication on the Chrome Net Retailer,” Varonis says. “We reported this to the Chrome Net Retailer and internet hosting supplier on January 21, 2026. The C2 was taken offline the following day, however the extension stays reside.”
After a consumer installs the malicious extension, the attackers can change the URL that seems within the deal with bar whereas exhibiting the consumer a phishing web page.
“As soon as a goal is chosen, attackers configure URL hijacking guidelines particular to that consumer,” the researchers clarify. “They set a supply URL (the legit web site to hijack) and a goal URL (the phishing web page to show). Guidelines may be activated or deactivated per an infection, permitting operators to stage assaults and set off them on demand. The interface makes this trivially easy: a ‘new redirect’ dialog accepts any supply/goal pair.”
Moreover, the attackers can set off legit Chrome notifications to lure customers to phishing websites.
“The $6,000 price ticket doubtless displays the worth of the Chrome Net Retailer publication assure and the administration panel quite than the complexity of the code itself,” Varonis says.
“That assure is what makes the standard recommendation inadequate. ‘Solely set up from official shops, verify opinions, search for verified badges’ does not assist when malicious extensions move Google’s evaluate course of and sit within the Chrome Net Retailer alongside legit instruments. As soon as revealed, these extensions can stay lively for months earlier than detection, quietly harvesting credentials from 1000’s of customers.”
AI-powered safety consciousness coaching may give your group an important layer of protection in opposition to evolving social engineering assaults. KnowBe4 empowers your workforce to make smarter safety choices on daily basis. Over 70,000 organizations worldwide belief the KnowBe4 HRM+ platform to strengthen their safety tradition and scale back human threat.
Varonis has the story.
