Stanley - A $6,000 Russian Malware Toolkit With Chrome Web Store Guarantee
Varonis, Friday, January 23rd, 2026
A new malware toolkit called 'Stanley' spoofs websites while keeping the address bar intact and guarantees Chrome Web Store approval.
Browser-based attacks have entered a new phase, one that's more aggressive, more coordinated, and more dangerous than what we saw a few months ago. An attack vector once considered low-impact has become a huge threat targeting millions of online users.
In December 2025, DarkSpectre exposed gaps in browser security by compromising 8.8 million Chrome, Edge, and Firefox users through three linked campaigns. January 2026 brought another concern: two extensions with a combined 900,000 installations were caught quietly siphoning ChatGPT and DeepSeek conversations, one of which carried Google's "Featured" badge. Around the same time, the CrashFix campaign manipulated users into installing a remote access trojan by intentionally crashing their browsers and posing as the solution.