BEGIN:VCALENDAR VERSION:2.0 PRODID:-//pretalx//pretalx.com//bsidesluxembourg-2026//talk//MB9KND BEGIN:VTIMEZONE TZID:CET BEGIN:STANDARD DTSTART:20001029T040000 RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10 TZNAME:CET TZOFFSETFROM:+0200 TZOFFSETTO:+0100 END:STANDARD BEGIN:DAYLIGHT DTSTART:20000326T030000 RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3 TZNAME:CEST TZOFFSETFROM:+0100 TZOFFSETTO:+0200 END:DAYLIGHT END:VTIMEZONE BEGIN:VEVENT UID:pretalx-bsidesluxembourg-2026-MB9KND@pretalx.com DTSTART;TZID=CET:20260508T094000 DTEND;TZID=CET:20260508T101000 DESCRIPTION:Every day\, millions of people rely on their web browsers\, not only for work but also for study and daily life. Some of us also install browser extensions to utilize useful features. But what happens when those extensions are not as harmless as they seem?\n\nIn recent years\, there h as been a growing number of malicious browser extensions\, particularly on platforms like the Chrome Web Store (CWS)\, affecting millions of users w orldwide. Detecting these threats is not straightforward. Malicious extens ions behave in many different and sometimes unpredictable ways. Another ch allenge is the limited availability of corresponding known malware samples \, which restricts our ability to investigate these threats in depth. \n\n In this talk\, I will share insights from my study that takes a closer loo k at this problem. I compiled a curated dataset of 460 malicious browser e xtensions removed from the CWS and analyzed how they behave. By integratin g both static and dynamic analysis techniques\, I identified a wide range of activities that raise privacy and security concerns\, classified as tra cking\, redirecting\, ad injecting\, stealing\, and unwanted actions. Leve raging static analysis using CodeQL and Python\, the study could detect ex tensions setting cookies for external domains automatically. DTSTAMP:20260412T024837Z LOCATION:IFEN room 1\, Workshops and Detection Engineering village (Buildin g D) SUMMARY:Comprehensive Framework for Analyzing and Detecting Malicious Brows er Extensions - Van Nguyen URL:https://pretalx.com/bsidesluxembourg-2026/talk/MB9KND/ END:VEVENT END:VCALENDAR