PHP

How to detect a malicious Google Chrome extension?

Today, when switching to lingualeo.ru (I entered it in the address bar with pens), I saw the following picture: I was redirected to ad.admitad.com , then to coupons-online.ru (I don’t remember the exact sequence) and only then to lingualeo.ru. Obviously, either lingualeo.ru itself is playing tricks, or some of the Google Chrome extensions, which is more likely.
Digging into the source code of extensions is quite dreary. A cursory glance turned up nothing. Perhaps there are more advanced places to search for such malware. Please advise if you know. Or maybe I'm generally sinning in vain on extensions?
All extensions are installed exclusively from the Chrome WebStore. Here is their list:

1. Eye Dropper 0.5.2 - ID: hmdcmlfkchdmnmnmheododdhjedfccka
   
2. Grammarly for Chrome 14.812.1246 - ID: kbfnbcaeplbcioakkpcpgfkobkghlhen
   
3. JSON Formatter 0.6.0 - ID: bcjindcccaagfpapjjmafapmmgkkhgoa
   
4. LastPass: Free Password Manager 4.2.0 - ID: hdokiejnpimakedhajhdlcegeplioahd
   
5. LinguaLeo English Translator 2.0.3.3 - ID: nglbhlefjhcjockellmeclkcijildjhi
   
6. Markdown Here 2.12.0 - ID: elifhakcjgalahccnjkneoccemfahfoa
   
7. New Tab - Pocket 1.0.0 - ID: ikndkhohinloomoacdggllledgjehkcf
   
8. Page Ruler 2.0.9 - ID: jlpkojjdgbllmedoapgfodplfhcbnbpn
   
9. Proxy for Chrome 1.15 - ID: iilpibhiihokecnbdkaminemnmecjfed
   
10. Save to Pocket 2.1.48 - ID: niloccemoadcdkdjlinkgdfekeahmflj
    
11. Send to Kindle for Google Chrome 1.0.1.74 - ID: cgdjpilhipecahhcilnafpblkieebhea
    
12. The Great Suspender 6.30 - ID: klbibkeccnjlkjkiokjodocebajanakg
    
13. uBlock Origin 1.14.12 - ID: cjpalhdlnbpafiamejdnhcphjbkeiagm
    
14. Vue.js devtools 3.1.6 - ID: nhdogjmejiglipccpnnnanhbledajbpd
    
15. Window Resizer 2.6.0 - ID: kkelicaakdanhinjdeammmilcgefonfh
    
16. Zhongwen: Chinese-English Dictionary 4.9 - ID: kkmlkkjojmombglmlpbpapmhcaljjkde
    
17. Yandex.Music 0.0.471 - ID: kefiofndeiobnlbabkhfkfmgdhmhhfmc