Over 4.7 million users could be exposed to malicious adverts and credentials theft due to developer accounts of popular chrome extensions being hijacked by cyber criminals. 8 popular extensions were compromised after their authors Google Account credentials were stolen via a phishing scheme. This resulted in hijacking of traffic and exposing users to potentially malicious popups and credential theft. The affected extensions include Web Developer, Web Paint, Social Fixer, Chrome New Tab, Touch VPN and Betternet VPN. Some of the tactics used by the threat actors were to check whether the extension had been installed for 10 minutes commonly thought to bypass detection.”]
Source: https://securityaffairs.co/wordpress/62090/hacking/chrome-extensions-risks.html