Techly NewsGet the app

Get the latest tech news

4.3M Browsers Infected: Inside ShadyPanda's 7-Year Malware Campaign


Koi researchers have identified a threat actor we're calling ShadyPanda - responsible for a seven-year browser extension campaign that has infected 4.3 million Chrome and Edge users. Our investigation uncovered two active operations: A 300,000-user RCE backdoor: Five extensions, including the "Featured" and "Verified" Clean Master, were weaponized in mid-2024 after years of legitimate operation.

None

Get the Android app

Or read this on Hacker News

Read more on:

Photo of ShadyPanda

ShadyPanda

Photo of m browsers

m browsers

Related news:

News photo

ShadyPanda browser extensions amass 4.3M installs in malicious campaign

« Apple to beat Samsung in smartphone shipments for first time in 14 years
Progress on TypeScript 7 – December 2025 »