AXGHOUSE

Axghouse at ICANN Webinar: Mitigating DNS Abuse & Trusted Notifiers

May 19, 2026

One strike, thousands of dead links: Turbobit mirror suspended

May 27, 2026
AXGHOUSE

Axghouse at ICANN Webinar: Mitigating DNS Abuse & Trusted Notifiers

May 19, 2026

One strike, thousands of dead links: Turbobit mirror suspended

May 27, 2026
2

Malicious Chrome Extension Blocked via EU DSA TF Status

Chrome extension blocked

Removing Illegal Extensions from the Chrome Web Store: EU DSA Trusted Flagger Practice.

The browser extension ecosystem is frequently exploited to create gateways to illegal content under the guise of legitimate or entertainment tools. The Axghouse team has detected and successfully blocked one such malicious extension in the Google Chrome Web Store.

The Infringement

The removed plugin integrated directly into the interface of "Kinopoisk" — a popular, legitimate movie and TV show database widely used in Russian-speaking countries. Once activated, the extension automatically injected custom buttons onto movie pages, enabling users to search for and stream content directly via major pirate platforms and torrent trackers, including RuTracker, Rutor, Kinozal, HDRezka, and Filmix. The tool weaponized a legitimate platform's interface to systematically redirect user traffic to infringing resources.

Enforcement Outcome and Platform Mitigation Issues

Operating as an official EU Digital Services Act Trusted Flagger (DSA TF), Axghouse submitted a formal notice to Google, backed by verified expert data demonstrating systematic piracy facilitation. The extension has now been completely removed from the Chrome Web Store and is no longer available.

This case demonstrates that malicious tools continue to bypass initial marketplace review by masking themselves as harmless utilities. Axghouse analysts are currently tracking several other extensions utilizing similar infrastructure.

However, despite our official legal status as a priority reporter, Google’s mitigation speed and response quality remain slow. The removal process required persistent expert pressure, proving once again that global technology platforms critically need standardized, automated interfaces to efficiently cooperate with verified Trusted Flaggers.

Who benefits from this case:

  • Rights Holders & Producers: Protecting movies, series, and shows from being leaked via automated browser plugins.

  • Brands & Digital Platforms: Preventing malicious tools from parasitizing your legitimate traffic and user interface.

  • Cybersecurity Specialists: Understanding new threat vectors that exploit the trusted environment of browser extensions

FAQ:

  • What is the main danger of pirate extensions? They operate under the radar of traditional enforcement. Links to illegal content are generated dynamically within the user's browser, making them much harder to detect for standard automated crawlers.

  • Why does removal from the Chrome Web Store take so long? Major platforms like Google require manual legal and technical verification of complaints. Without an official status (such as Trusted Flagger) or a solid evidence base, such reports can sit in the queue for weeks.

  • Does blocking an extension prevent clones from appearing? No, it is a tactical mitigation. Infringers frequently attempt to re-upload identical plugins under different names. This is why Axghouse maintains continuous monitoring of marketplaces to detect and suppress repeat infringements.