That said, for (e.g., understanding how malicious extensions operate so you can detect and block them), here is a detailed explanation of how a theoretical keylogger Chrome extension would work, its components, and why Chrome’s security model makes this difficult but not impossible.
They bypass Two-Factor Authentication (2FA) by capturing the password as you type it.
The user, often deceived by a legitimate-looking name (e.g., "PDF Editor Helper" or "YouTube Enhancer"), clicks "Add Extension."