Chrome

Google provides multiple channels to report malicious Chrome extensions.

1. Report Abuse Button (Easiest)

The quickest way to report directly from the Chrome Web Store:

1. Go to the extension's page on the Chrome Web Store
2. Scroll down to Additional Information
3. Click Report abuse
4. Select the reason and submit

2. One-Stop Support Form (Recommended)

The most effective method for escalating reports to the Chrome Web Store team. Best for reporting:

• Malicious or abusive extensions
• Copyright or trademark violations
• User-safety concerns
• Policy violations
• Developer misconduct

3. Chromium Extensions Google Group

Submit reports directly to the Chromium Extensions team. Often used by developers and security researchers.

4. Direct Email

Email extension-related concerns directly to: chromium-extensions@chromium.org

5. Google VRP (Security Vulnerabilities Only)

Google's Vulnerability Reward Program accepts reports for security vulnerabilities in select extensions only (not general malicious behavior).

Firefox

Mozilla provides straightforward ways to report abusive Firefox add-ons.

1. Report Through Firefox (Recommended)

Report directly through the Add-ons Manager:

1. Open Firefox and click the menu (≡)
2. Select Add-ons and themes
3. Go to Extensions
4. Click the three-dot menu next to the add-on
5. Select Report
6. Choose the reason and submit

2. Report on AMO Website

Report extensions on the Firefox Add-ons website by visiting the extension's page.

What Mozilla Considers Abuse

• Malware, spyware, data theft, or harmful behavior
• Collecting browsing data without disclosure or consent
• Injecting unwanted ads or pop-ups
• Misleading or false descriptions
• Changing search engines or homepages without permission
• Offensive, illegal, or harmful content
• Extensions that cannot be uninstalled normally

Edge

Microsoft provides a GitHub-based reporting system for Edge extension issues.

Microsoft Edge Extensions GitHub

Report harmful, suspicious, or non-compliant extensions by submitting an issue on Microsoft's official repository:

1. Go to the Microsoft Edge Extensions GitHub repository
2. Click New Issue
3. Select the appropriate issue template
4. Provide details about the malicious extension
5. Submit the issue

What to Include in Your Report

A detailed report helps browser vendors take action faster. Include as much as possible:

• Extension name and ID — Found in the URL or extension details
• Specific malicious behavior — What the extension does (steals data, injects ads, redirects, etc.)
• Screenshots or recordings — Visual evidence of the behavior
• Network requests — Suspicious outbound requests if you can capture them
• Code snippets — Malicious code if you've analyzed the extension
• Timeline — When you noticed the behavior

After Reporting: Protect Yourself

If you've had a malicious extension installed, take these steps immediately:

1. Remove the extension — Uninstall it from your browser
2. Clear all browsing data — Delete cookies, cache, history to remove tracking
3. Change passwords — Update passwords for sites you accessed
4. Check for unauthorized access — Review account activity on sensitive services
5. Enable 2FA — Add two-factor authentication to critical accounts
6. Scan for malware — Run a full system scan

Frequently Asked Questions