Analysis: Popular Chrome Extension ModHeader Exfiltrates User Data
ModHeaderChrome extensiondata exfiltrationAES-GCM encryptionindexedDBnetwork requests
Author: runtimepanic
Date: 7/12/2026
Article Summary:
Analysis of the ModHeader Chrome extension's data exfiltration pipeline, revealing AES-GCM encryption, randomized upload timing, and evidence deletion after exfiltration.