What boggles my mind is how legitimate users and developers always get screwed, but somehow hackers are able to obtain phone numbers to create a myriad of accounts. Not only that, but that their generic "reviews" are always seen as legitimate by Google and other companies, while us humans know by looking at them that those "reviews" are completely automated.
@@rizkyadiyanto7922 yeah, most of my Google Maps reviews are deleted because of "fake interaction" when I know for sure it was all good. They have some stupid automated moderation in place. I file an appeal, a human approves them, then weeks later they are randomly flagged again.
@@rizkyadiyanto7922 True that, thousands of people complain about their legit comments being eaten by TH-cam every day. Spammers and scammers? Safe and sound. What a world of advanced AI (Actual Idiots)!
Because hackers know the system and actively work to bypass and evade countermeasures, but normal users are mostly unaware and set themselves to be flagged as false positives.
quick correction - this isn't obfuscated JS - it's transpiled + bundled typescript, possibly from babel + tsc, which is a really common configuration for a lot of chrome extensions. this is confirmed by the file name "main.ts-DXC..." showing that the original file is called "main.ts"
I was thinking the same thing I notise that when I use ViteJS something similar happens JS gets minimized and the file gets my given name + some random charaters.
0:45 That is in fact not AdSense but an ad they forcefully added to the page. If you refresh the page, it will pop up again. Guess what? The company they advertise is Singaporean!
I remember back in 2022 downloading an extension that allowed you to fullscreen videos, but pop them out of the screen, so you could have multiple videos fullscreened at once. One day, while watching a show on Netflix, a new window popped up directing to Amazon, (The type of window only extensions can open, no minimize, no expand, only an X) and I saw them attempting to log into my account realtime. I was so terrified I closed the window and deleted the extension, but I found it quite fascinating. Imagine I wasn't using the computer at the time! Ever since then I've been extremely suspicious of chrome extensions.
They have got the worst targets possible. Anyone who uses such extensions are too young to use facebook and anyone who uses facebook is too old to use extensions
A while back a chrome extension I really liked using for adding a dark mode to the PDF viewer was removed for malware. Turns out that the dev sold it to a company that used it for a type of fraud where it inserts affiliate codes to the end of all your shopping links and makes them money (which is pretty damn clever, GG)
The Brave browser (a rebranded chrome fork) did this as a core browser feature until it was discovered, not even an extension the core browser was hijacking URLs.
@@Lumither-404 good for you man. If you're a decent web developer you also know literally every person has their own tooling and methods of doing things, so I don't see your argument
@@DrsDapperTopperBack in the day I used a mitm proxy. Like burp suite to edit stuff so yeah I know but today isn't read-only anymore, so these kind of extensions is useless.
Great video, I wouldn’t mind if it was a bit more in depth on which data is send on which api call when you were talking about Facebook info stealer part, it peaked my interest
Nice video. Speaking of extensions, what do you think of password manager extensions like Bitwarden? I use it, but I'm still a bit wary about it, since the browser is a big target for attacks. Maybe you can make a video about this.
How screwed am I if I had it installed for over a month? Is a fresh windows installation combined with changing all of my password a reasonable precaution?
If you use a Chromium-based browser you can easily edit cookies in the "Application"-tab of the Developer Tools, so theres not really a reason to use these type of extensions.
Fun Fact: It literally took me 30 minutes to create a Chrome extention with GPT that allows me to view, edit and delete cookies for the visited website :D Loved your analysis. May I use some screenshots from your video as reference in my video?(Of course with credits) I am intended to make a Turkish video to warn people for the danger of these scam extentions :)
"Manifest V3" only exists to serve as an excuse to kill ablockers. Nothing else. Everything else it is meant to 'cover' is an afterthought meant to obfuscate it's purpose
I really shouldn't have found this channel. I would like to continue living in my naivety. Thank you so much for your educational work. I am super grateful but now i gotta feel like i need to delve further into security software
Pretty funny, I installed the legit extension on a fresh VM today and saw the sketchy looking clone. Was thinking everything in this video was happening and was surprised no one had caught on to it
OMG, i thought google is looking deep into extension code before reviewing. I have been using extension like dark reader, adblock, u block,unhooked for yourube, plz can you analyse these popular extensions and let the people know what they sre doing inside our browser, thanks for the video, 👍👍👍
6 months ago, dad couldn't walk (surgery and old man problems). When I came home for Christmas, he can walk with crutches. He can even do it outdoors. Best Christmas present ever to see his health improve! EDIT: Christmas itself was annoyingly lacking in the snow department.
Am glad the person didn't transfer the data from his old PC to his new one cuz I did download this on his computer but I got rid of it right after cuz it didn't work edit: I was talking about my brother since he got his PC upgraded for Christmas
Got my acccount hacked similarly. In fact, I have an iPhone with some nasty spyware/malware that I'd love you to have a look at if you'd be interested.
he exposed the extension as a spyware, why would he promote it, the main purpose of the video is not installing random extensions on the ChromeWebStore
While both have the potential to be dangerous, an exe could cause way more damage, especially because it can pretty much do anything it wants besides mess with your hardware (Although, im sure with the right permissions an executable could). Although, that's really just dangerous to your system. Most viruses that are .exe are trying to access your browser passwords, history, or your files, But browser extensions have near direct access to passwords and history. So really, extensions are way less dangerous than a exe, an exe can do everything an extension can do but better.
can someone help me i installed nvidia app ran the file tru virus total and website url tru scam advisor i could not run it tru hybrid something because the file is 146mb and limit for it is 100mb. it said everything was clean on virustotal and scam advisor but im paranoid is my system safe or not
It would be easy to reduce the number of such addons - google needs to make rule that no obfuscated or minified js is allowed in extension. Should be easy to detect with some kind of scanners or AI.
@@ThePizzabrothersGaming automatically is not excuse - you can disable it. Chrome could update their JS engine so that it compiles JS in extension into some kind of byte code during install and stores it permanently until extension is updated or removed so that long script would not be issue.
Why the hell would you want an extension that edits your cookies? I like my cookies just the way they are, thank you very much. And why are you using chrome!?
useful for web dev, being able to export/import cookies for specific cases both are mainly for when you know you want to mess with the cookies or look into the cookies to debug and/or access features/accounts as site admins without actual implementations in the front end tl;dr - Web developers finnagle with cookies, so an easier/preferrable/convenient way to do it is always nice
google just took down the real one, leaving the fake one up now. great job
BRAVO GOOGLE! Let me guess... the extension was reviewed by a "human being" that can't count how many r's are in the word "strawberry".
Very smart "Actual Idiot" review from goooogle.
what using reddit to train your ai does to a mf:
They did that when someone copied my extension and then claimed I copied theirs
@@milestailprowerAI sees letters as tokens so it can’t count letters if they see them as tokens
They now have changed their name from EditThisCookie*s* to EditThisCookieⓇ to make it even less obvious. How devious is that!
yeah, that the only reason to install opera gx
In Brave, the extension was removed. You can't even search for it, even though the name pops up during search.
Ridiculous how there is apparently no moderation for chrome extensions
@@Xport9 No. I just installed it normally
@@NepTuneLuisopera is spyware 🤦♂️
What boggles my mind is how legitimate users and developers always get screwed, but somehow hackers are able to obtain phone numbers to create a myriad of accounts. Not only that, but that their generic "reviews" are always seen as legitimate by Google and other companies, while us humans know by looking at them that those "reviews" are completely automated.
cus its all fake and theyre hiding wehat they do like groouuuumie kidd
meanwhile they delete our comments.
@@rizkyadiyanto7922 yeah, most of my Google Maps reviews are deleted because of "fake interaction" when I know for sure it was all good. They have some stupid automated moderation in place. I file an appeal, a human approves them, then weeks later they are randomly flagged again.
@@rizkyadiyanto7922 True that, thousands of people complain about their legit comments being eaten by TH-cam every day. Spammers and scammers? Safe and sound. What a world of advanced AI (Actual Idiots)!
Because hackers know the system and actively work to bypass and evade countermeasures, but normal users are mostly unaware and set themselves to be flagged as false positives.
quick correction - this isn't obfuscated JS - it's transpiled + bundled typescript, possibly from babel + tsc, which is a really common configuration for a lot of chrome extensions. this is confirmed by the file name "main.ts-DXC..." showing that the original file is called "main.ts"
I was thinking the same thing I notise that when I use ViteJS something similar happens JS gets minimized and the file gets my given name + some random charaters.
Transpiled AND minified. Transpiled (even bundled) but non-minified code looks just barely readable.
yoo its the guy from that wlm discord client
yooo aerochat guy hello!!!!
minification is a type of obfuscation
0:45 That is in fact not AdSense but an ad they forcefully added to the page. If you refresh the page, it will pop up again.
Guess what? The company they advertise is Singaporean!
How does Chrome still allow these? Do they have any moderation?
they most likely do, but probably use legit code, then update it
I guess they just allow everything besides adblockers that could block TH-cam ads.
Its a mega corp, u shouldnt really expect much from them. Besides possibly losing money from adblockers or gaining money through ads/data collection
@@leonhre Last I checked uBlock origin is on their offical chromewebstore.
@@leonhre of course. adblock hurts their wallet. spyware extensions only hurt the consumer
Examine the pie adblocker next!
YES
+3
I swear Pie adblocker has something hooked into Ublock Origin to where I *always* get their ad before a video now, and its just this *one* ad.
+9
+1, looks like spyware by how it is promoted
I remember back in 2022 downloading an extension that allowed you to fullscreen videos, but pop them out of the screen, so you could have multiple videos fullscreened at once. One day, while watching a show on Netflix, a new window popped up directing to Amazon, (The type of window only extensions can open, no minimize, no expand, only an X) and I saw them attempting to log into my account realtime. I was so terrified I closed the window and deleted the extension, but I found it quite fascinating. Imagine I wasn't using the computer at the time! Ever since then I've been extremely suspicious of chrome extensions.
What the fuck?
thats so scary what the heck???
They have got the worst targets possible. Anyone who uses such extensions are too young to use facebook and anyone who uses facebook is too old to use extensions
The real EditThisCookie extension (without the S) is frequently used by developers and tech-savvy users.
@ParodieHecker-mobile That's what im saying. The tech-savvy people are the ones that don't use facebook
They might be trying to target Meta SSO, which beyond the standard Meta apps also lets you log into a bunch of random stuff similar to Google SSO
Report this extension. This looks very invasive.
A while back a chrome extension I really liked using for adding a dark mode to the PDF viewer was removed for malware. Turns out that the dev sold it to a company that used it for a type of fraud where it inserts affiliate codes to the end of all your shopping links and makes them money (which is pretty damn clever, GG)
The Brave browser (a rebranded chrome fork) did this as a core browser feature until it was discovered, not even an extension the core browser was hijacking URLs.
Similar to honey
You actually dont need chrome extension to edit cookies, you can literally just use chrome dev tools
this is just a better frontend for it, allows you to import & export cookies among other things
This applies to a lot of things, but when you're actively working on things it's often easier to have a button directly on your extensions list
@@martijnpThis is why I create my own extensions
@@martijnp im web developer and i use dev tools for cookies, i dont need any extension for it
@@Lumither-404 good for you man. If you're a decent web developer you also know literally every person has their own tooling and methods of doing things, so I don't see your argument
Never understood cookie edit extentions when you just can edit cookies in the developer console by selecting the Application tab.
Majority users on the internet don't know this even though it's surface level to us
right?? why take such an unnecessary risk of downloading an extension when you can just do it yourself
It used to be read only. You needed an extension to modify the cookies.
@@DrsDapperTopperBack in the day I used a mitm proxy. Like burp suite to edit stuff so yeah I know but today isn't read-only anymore, so these kind of extensions is useless.
I guess Google allows this extensions just everything, besides adblockers that could block TH-cam ads.
Last I check uBlock origin is on the chrome web store.
got a small heart attack when i saw the thumbnail. fortunately I have just the singular cookie :p
I once installed this and when I did a Malwarebytes scan, it popped up with some detections from this extension.
Man it seems like all extensions are some strait bullshit.
my heart dropped when i thought the real one was spyware
Great video, I wouldn’t mind if it was a bit more in depth on which data is send on which api call when you were talking about Facebook info stealer part, it peaked my interest
thank u eric for exposing this extension my emails password got changed bc of this i tested
Can someone explain to me what these cookie editing extensions are supposed to add? I thought you could just edit cookies through the devtools.
They are for people who don't know about editing cookies through devtools. Theres nothing else of value that I know of..
you can, but i guess the extensions are supposed to be easier
Nice video. Speaking of extensions, what do you think of password manager extensions like Bitwarden? I use it, but I'm still a bit wary about it, since the browser is a big target for attacks. Maybe you can make a video about this.
doesn't Chrome, Firefox and many other browsers already have passwords managers?
@@angiii-1717hmmm these get stolen every time. I’d recommend nord pass it’s awesome
@@angiii-1717and every info stealer can bypass the protections. Bitwarden is completely different, but I assume a keyboard logger will still get you.
@@angiii-1717Firefox has cleared my saved passwords for no reason multiple times
So it's basically Honey.. cool
How screwed am I if I had it installed for over a month? Is a fresh windows installation combined with changing all of my password a reasonable precaution?
I don't have that exact one, but is it bad to use any of these cookie editing extensions?
No
This is a fake extension made to look like the EditThisCookie extension. The real one is safe. This one is not
If you use a Chromium-based browser you can easily edit cookies in the "Application"-tab of the Developer Tools, so theres not really a reason to use these type of extensions.
@@JonasTisell Thanks for letting me know.
Fun Fact: It literally took me 30 minutes to create a Chrome extention with GPT that allows me to view, edit and delete cookies for the visited website :D
Loved your analysis. May I use some screenshots from your video as reference in my video?(Of course with credits) I am intended to make a Turkish video to warn people for the danger of these scam extentions :)
is this had anything to do with the cyberhaven extension hacked cases? the facebook link looks similar
Would Manifest v3 help mitigate this?
Probably nah, it will just prevent ads from being read by extensions ig
"Manifest V3" only exists to serve as an excuse to kill ablockers. Nothing else. Everything else it is meant to 'cover' is an afterthought meant to obfuscate it's purpose
The privacy policy is massively scammy on that picture website
the original is now gone and this is at the top of the google search
took a real nasa scientist to figure this one out
Subscribed after reading the article on TechSpot 👍
I really shouldn't have found this channel. I would like to continue living in my naivety. Thank you so much for your educational work. I am super grateful but now i gotta feel like i need to delve further into security software
how about "i still dont care about cookies"?
The tip at the end is very helpful
with Orion browser on ios you can run extensions btw so
dude i noticed this when the original got removed
They have google+ on thier siete ?? How old is that
Thanks for the sponsor it helps to know what to avoid using
Wow the chinese do have the R&D skills for these
you can run chrome extensions on an iphone with the orion browser
Pretty funny, I installed the legit extension on a fresh VM today and saw the sketchy looking clone. Was thinking everything in this video was happening and was surprised no one had caught on to it
Do pie adblocker
This is why I only have two extensions installed.
Almost got a heart attack when seeing the thumbnail :D
Literally for a second i thought i had a fake one
They keep removing legit extensions while being left spyware available damn google
using google chrome profiles as a sandbox is genius
What about the real one that was popular a few years ago? Was that sus?
OMG, i thought google is looking deep into extension code before reviewing. I have been using extension like dark reader, adblock, u block,unhooked for yourube, plz can you analyse these popular extensions and let the people know what they sre doing inside our browser, thanks for the video, 👍👍👍
this video should get more likes
Aint no way its a spyware, hopefully not the original.
not the original we are safe !
note the S
@@johnn8643 phew!
@@EricParkerexamine Honey extension next!!
Oh my god I have this extension installed! Thank you so much, I will remove it now. Hard to trust extensions these days..
the real one is safe
The google+ social media link at the bottom of the website...
The real site also has it at the bottom, it's almost an exact copy (on a surface level)
What’s gonna be next? Edit anything? I HOPE NOT
You should make a video on cs2 cheats to see if they are malware or not, would be interesting imo
you should do rookie sideloader
Just checked my extension thanks to your heads up 😥
Whats up everyone how was your christmas?
great
I'd rather not answer
Things never were so dull before. At least for me.
6 months ago, dad couldn't walk (surgery and old man problems). When I came home for Christmas, he can walk with crutches. He can even do it outdoors. Best Christmas present ever to see his health improve!
EDIT:
Christmas itself was annoyingly lacking in the snow department.
@@какойтошизик ik what you mean it didnt even feel like christmas really
i was gonna search what is editthiscookies extension i found this video without searching lol
Am glad the person didn't transfer the data from his old PC to his new one cuz I did download this on his computer but I got rid of it right after cuz it didn't work edit: I was talking about my brother since he got his PC upgraded for Christmas
0:16 A cookie editor..... My mind inmedeatly had gone to an orange sugary liquid owned by paypal lmao. Its not malicious (hopefully) but it is fraud
Hey Eric could you test some Roblox executors for malware like solara, Xeno?
Got my acccount hacked similarly. In fact, I have an iPhone with some nasty spyware/malware that I'd love you to have a look at if you'd be interested.
allow incognito is also a safe bet
do pie adblocker next
Why come you didn't put the link to the extension in the Description?
he exposed the extension as a spyware, why would he promote it, the main purpose of the video is not installing random extensions on the ChromeWebStore
i can't believe that ppl still believe that extensions are less dangerous and that .exe's
While both have the potential to be dangerous, an exe could cause way more damage, especially because it can pretty much do anything it wants besides mess with your hardware (Although, im sure with the right permissions an executable could).
Although, that's really just dangerous to your system. Most viruses that are .exe are trying to access your browser passwords, history, or your files, But browser extensions have near direct access to passwords and history.
So really, extensions are way less dangerous than a exe, an exe can do everything an extension can do but better.
@@DraG0Ne ik that they r but i tried to say that ppl still believe extensions can't have malware or that they r harmless
i thought this was EditThisCookie
Shouldn't it be "EditTheseCookies" instead of "EditThisCookies"?
More malware extensions in browser
I used this before, but I'm broke so technically i trolled them.
nvm i installed the correct one if I'm not wrong
@@kalemolala the fake one's name got changed and now it has '®' at the end instead of 's'
Oh no, i have used this.
Google, if you can read this: you are a 🤡 for deleting the wrong extension.
It's a chinse intern operation
Mmm, sauce code
Hope i didnt use it when i edited my cookie😢😢😢😢😢😢😢😢😢😢😢 EDIT: MAMA AMA CRIMMINAAL
surely
This video is the way I found out I have three viruses, thanks, I guess? (It has nothing to do with editthiscookies)
paws at cookies (and eric)
ive seen you at every single video of eric's 😭
paws at you
*paws at you*
paws at you
oh no.
can someone help me
i installed nvidia app ran the file tru virus total and website url tru scam advisor i could not run it tru hybrid something because the file is 146mb and limit for it is 100mb. it said everything was clean on virustotal and scam advisor but im paranoid is my system safe or not
EditThisStealer**s**
ok maybe im a hypocrite
eat these cookies :3
Another day of asking to review TLauncher
TLauncher has already been carefully examined, but I 100% agree that it would make for a good video.
@grogus examined by who? also whoever examined it did they say is it spyware or not?
@@adiadic4722 I heard it in a yt video from TheMisterEpic, someone I used to watch, which made a video on the TLauncher controversy.
@grogus MisterEpic's video is not very informative. He didn't even include any link to source.
Google
Is this the same as EditThisCookies the real thing?
NVM
The only extension you need for Chrome is Ublock lite
ublock origin is the ONLY valid choice for adblocker (while you still can use origin, after which lite will -as you say- be the right choice)
It's great for Firefox as well, it's just universally good across browsers 👍.
The only extension on Chrome you need is to never install Chrome ever.
@@NineteenNinetyFork what about Malware Bytes Browser Guard?
@the-answer-is-42 It's best used with Firefox, even the developer recommends it
It would be easy to reduce the number of such addons - google needs to make rule that no obfuscated or minified js is allowed in extension. Should be easy to detect with some kind of scanners or AI.
many frontend transpilers do it automatically. babel, webpack, rollup etc. because it needs to be code that your browser can run and ideally small
@@ThePizzabrothersGaming automatically is not excuse - you can disable it. Chrome could update their JS engine so that it compiles JS in extension into some kind of byte code during install and stores it permanently until extension is updated or removed so that long script would not be issue.
Why the hell would you want an extension that edits your cookies?
I like my cookies just the way they are, thank you very much.
And why are you using chrome!?
useful for web dev,
being able to export/import cookies for specific cases
both are mainly for when you know you want to mess with the cookies or look into the cookies to debug and/or access features/accounts as site admins without actual implementations in the front end
tl;dr - Web developers finnagle with cookies, so an easier/preferrable/convenient way to do it is always nice
Ppl that steal accounts use this extension to bypass 2fa
OH NAWW
Siiiiiiii❤❤❤❤❤
oooooooh it has an 's' I thought I had spyware installed for a decade
20 views?! I thought it would have more
eric tate parker is spreade malware nakivo stole my fortnite cookies
eric parker is eric tate
dont lie eric this is youre plugin lol
eric parker doesnt understand the code he reads or the malware he analyses
35 seconds ago is crazy
Hello
why are you recording at 3pm? get some sleep you mad lad