These malicious browser extensions were included in a campaign referred to as CacheFlow in late 2020 by Avast. ... They were able to avoid infecting users likely to be web developers either through the extensions or by learning whether the user had accessed locally-hosted websites.