7d • 🕵️♂️ CISSPintheWild
New $6,000 malware toolkit Stanley delivers page spoofing via Chrome Web Store
A $6,000 malware toolkit known as “Stanley” is being sold on Russian cybercrime forums, offering a malicious Chrome extension that spoofs entire websites while preserving the real domain in the browser’s address bar, complete with a promise that it will pass Chrome Web Store review.
Discovered by Varonis researchers in mid-January 2026, Stanley is part of a growing trend in commercialized browser malware. The toolkit was first advertised on January 12 by a seller using the alias “Стэнли,” who promoted it with demo videos targeting cryptocurrency platforms like Binance and Coinbase. Varonis reported the campaign to Google and the extension's hosting provider on January 21; the command-and-control (C2) infrastructure was taken offline the next day, but the extension remains live in the Chrome Web Store.
1
0 comments
New $6,000 malware toolkit Stanley delivers page spoofing via Chrome Web Store
skool.com/cybersecurity-study-group
Share resources, get advice, and connect with peers studying cybersecurity. Join our CISSP study group and connect with fellow professionals today!
Leaderboard (30-day)
1
+84
2
+48
3
+43
4
+36
5
+34
Powered by