According to security researchers at US cyber firm ICEBRG have located four Chrome extensions which house malevolent code that were available through the official Chrome Web Store which allowed attackers to send commands through to users’ browsers in the JavaScript code form.
ORIGINAL SOURCE: Bleeping Computer