Chrome Manifest V3 blamed for security risks as EditThisCookie extension becomes a victim

What are you doing? EditThisCookie is a popular Chrome extension designed to edit cookie data stored in the browser’s native database. The extension, once used by more than 3 million users, has been replaced by fake imitators that have nothing to do with cookies or browser security. Instead, it seems to undermine both.

The original EditThisCookie extension is no longer available and has been replaced by the similarly named EditThisCookie® browser plug-in. Google seems to have Deleted The original extension is in the Chrome Web Store, but the fake add-on is still available for download. Unfortunately for Chrome users, the fake EditThisCookie® is malicious and should never have been allowed in web app stores in the first place.

The malicious plug-in had approximately 30,000 users before it was removed by Google. Now, EditThisCookie® page Claims to have 50,000 users and promotes itself as a legitimate cookie manager. However, reviews were overwhelmingly negative, with users criticizing the extension’s malicious behavior and its status as a clone of the original extension.

Malware analyst Eric Parker recently shared a YouTube video exposing the fake add-on, detailing its many hidden threats. The extension links to fraudulent websites, contains obfuscated code, and can steal sensitive information – especially when users visit Facebook. Additionally, it includes phishing routines and mechanisms to distribute advertisements.

While there is no official explanation for the disappearance of the original EditThisCookie tool, the most plausible reason is that it was incompatible with Google’s Manifest V3 adoption. Google is determined to phase out the old Manifest V2 extension technology in favor of Manifest V3, which it says provides greater security.

The popular uBlock Origin is the first high profile casualties As part of this migration, EditThisCookie appears to be next. Meanwhile, the cybercriminals behind the fake EditThisCookie® extension are resourceful (or opportunistic) enough to update their code to comply with Manifest V3 requirements. Instead, the original developers may choose to focus on other priorities.

The case of EditThisCookie highlights the obvious shortcomings of Manifest V3 in enhancing browser security. Despite Google’s intentions, the new standard appears to be ineffective, and things may get worse as other popular Manifest V2 extensions disappear from the Chrome Web Store. Several criminals may exploit these vulnerabilities and keep an eye on the ongoing transformation.

In response, third-party browsers such as Mozilla Firefox provide excellent extension experiences and support Manifest V2 and V3 frameworks. This flexibility can appeal to users looking for a safer and more functional browsing environment.