EditThisCookie is a dedicated extension for Google Chrome that allows users to modify cookie information stored by their browser. I first highlighted it in 2015 on Ghacks.
This extension, which has attracted over 3 million users and received 11,000 reviews, has been taken down from the Chrome Web Store. However, a deceptive imitation, originally titled EditThisCookies and now referred to as EditThisCookie®, remains available for download and has been marked as harmful.
When individuals attempt to visit the link for the original extension within the Chrome Web Store, they are met with an error notification that states, “This item is not available.” Meanwhile, the page for the fraudulent extension, which I will avoid linking due to its malicious nature, continues to be operational.
Eric Parker, recognized for his work on malware investigations, assessed the harmful extension in a YouTube presentation.
At the time of the video’s publication, the extension had roughly 30,000 users, but this figure has since surged to over 50,000.
Parker ran tests on a secure system and uncovered several discrepancies, including:
- A counterfeit website for the rogue extension.
- Concealed code.
- Scripts crafted to harvest data, especially in connection with Facebook.
- Phishing tactics.
- Code related to advertising.
It is crucial to mention that the investigator found no proof indicating that the code was set up to collect cookie data, suggesting that the version analyzed does not interfere with session cookies.
Considering that Chrome has automatic updates for extensions enabled by default, there exists a risk that more spyware or malware features could be introduced through updates.
Chrome and Chromium users should verify their installed extensions for the presence of the counterfeit version.
To accomplish this, simply type chrome://extensions/ into the browser’s address bar for a complete list of all installed extensions. If you spot EditThisCookies or EditThisCookie®, it indicates you have the fake extension, which should be uninstalled immediately.
An alternative worth considering is Cookie Editor.
The future of the original widely-used cookie-editing extension for Chrome remains uncertain.
An examination of the legitimate extension’s status on GitHub implies that this predicament may arise from a lack of support for Manifest V3. It seems the extension has been missing since at least July 2024.
While it could make for an intriguing narrative to claim that Google mistakenly removed the authentic extension, it seems more plausible that the genuine version was discontinued due to non-adherence to new Chrome extension policies.
Google’s web store continues to grapple with a significant challenge surrounding imitation extensions. In both 2015 and 2017, I noted that the store contained numerous “uBlock” extensions, all of which, apart from uBlock Origin, were counterfeit.
Anticipate a rise in imitation extensions that have not transitioned to the updated extension manifest in the upcoming period.
Image Source: ada Images / Shutterstock