I sent malicious browser extensions for analysis, the case number is 07264602 from March 10. Please analyse the samples and add detection for them.
These extensions access tabs, cookies, storage, webRequest, webRequestBlocking, declarativeNetRequest and more.
The most aggressive functionality is using "offscreen" access, which allows the malware to run scripts through the Offscreen API and interact with the web page's DOM