WTF?! EditThisCookie was once a highly favored Chrome extension that allowed users to modify cookie data stored in the browser’s local database. Previously utilized by over three million users, it has now been supplanted by a fraudulent duplicate with no relation to cookies or browser security. In fact, it seems to compromise both.
The genuine EditThisCookie extension is no longer accessible, and a similarly titled browser add-on, EditThisCookie®, has taken its place. Google has apparently removed the authentic extension from the Chrome Web Store, allowing the counterfeit version to remain available for download. Unfortunately for Chrome users, the deceitful EditThisCookie® is harmful and should have never been approved for the Web Store initially.
Before Google’s removal action, the malevolent add-on had gathered around 30,000 users. Currently, the EditThisCookie® page purports to have 50,000 users, presenting itself as a valid cookie manager. However, reviews are predominantly negative, with users denouncing the extension for its malicious activities and labeling it as a replica of the original.
Eric Parker, a malware analyst, recently released a YouTube video uncovering the fraudulent add-on, and elaborated on its several concealed threats. The extension connects to a deceptive website, has obfuscated code, and is capable of acquiring sensitive data—especially when users navigate Facebook. Additionally, it includes phishing tactics and methods for ad distribution.
The reasons behind the sudden disappearance of the original EditThisCookie tool remain unofficial, but the most logical explanation seems to be its lack of compatibility with Google’s transition to Manifest V3. Google is set on retiring the older Manifest V2 extension technology in favor of Manifest V3, which is purported to enhance security.
The immensely popular uBlock Origin was the first noted victim of this shift, and EditThisCookie seems to be following suit. Meanwhile, the perpetrators behind the bogus EditThisCookie® extension have been savvy—or opportunistic—enough to modify their code to be compliant with the Manifest V3 requirements. By contrast, the original developer may have opted to concentrate on different priorities.
The situation surrounding EditThisCookie underscores the significant shortcomings of Manifest V3 in bolstering browser security. Despite Google’s intentions, the new standard appears ineffective, and the problem may intensify as other popular Manifest V2 extensions disappear from the Chrome Web Store. Digital offenders are likely exploiting these vulnerabilities and monitoring the ongoing transition closely.
In response, third-party browsers, such as Mozilla Firefox, are proposing a superior extension experience by supporting both Manifest V2 and V3 frameworks. This adaptability might attract users in search of a more secure and functional browsing environment.
