IOC Radar
TLP:WHITE7 IOCs

Malicious Chrome Extensions Manipulate Google Organic Search Metrics

CP
Cyber Press
Published June 13, 2026Original Report

Diamond Model

SOCIAL AXISTECHNOLOGY AXISADVERSARYunknownINFRASTRUCTUREchromewallpaper.comyowgames.comavads.liveCAPABILITYunknownVICTIMunknown
Adversary
Infrastructure(6)
Capability
Victim

Attack Flow7 steps · MITRE ATT&CK mapped

Initial AccessTA0001·T1190
1/7
Exploit Public-Facing Application
ActionInstall malicious extensions
Malicious Chrome extensions are disguised as legitimate applications on the Chrome Web Store, tricking users into installing them.

5W+H Threat Analysis

Analysis unavailable

Indicators of Compromise

Indicators of Compromise7

TypeIndicatorConfidenceScoreFirst Seen
Domainchromewallpaper.com
intel-blogmalwarenetwork
High
58
Jun 13, 26
Domainyowgames.com
intel-blogmalwarenetwork
High
58
Jun 13, 26
Domainavads.live
intel-blogmalwarenetwork
High
58
Jun 13, 26
Domainowhit.com
indicatorintel-blognetwork
High
58
Jun 13, 26
IP92.112.198.22
indicatorintel-blognetwork
High
58
Jun 13, 26
Domaintabplugins.com
intel-blogmalwarenetwork
High
58
Jun 13, 26
IP147.79.120.202
indicatorintel-blognetwork
High
58
Jun 13, 26

IOC Relationship Graph

IOC Relationship Graph7 total IOCs
DomainIP
Domain5IP2REPORTMalicious Chrome Extension
scroll to zoom · drag to pan · click IOC to open