Malicious Microsoft Edge extensions targeting users in the wild

Microsoft Edge extensions

Microsoft has removed five malicious Edge extensions from its
web store following concerns that they were injecting ads in
Google and Bing search results. The fake extensions all posed
as legit apps but were actually found inserting advertisements
without user permission.

The five extensions – NordVPN, Adguard VPN, TunnelBear VPN, The
Great Suspender and
Floating Player – were found in the Edge adds-on store with the
exact same name as the genuine add-on in the Chrome web store.

Most folks wouldn’t have noticed that these are fake extensions
and the majority wouldn’t have gone through the negative
reviews of fake extensions. Affected users left negative
reviews in the Edge store and others reached
out to the community on Reddit to seek help.

The problem was first reported last week, but it was widely
reported this week after more users noticed suspicious ads in
search results. The reports were spotted by Microsoft Edge
engineer and the offending add-ons were removed from the Edge
store immediately.

It’s not clear what ill effects the extension could inflict,
but reports revealed that users have been affected by rogue
adverts in search results and others were redirected to an
entirely unknown search engine, as shown in the screenshot
below.

Edge browser redirects
Microsoft Edge malicious redirect

Microsoft Edge engineer has offered some advice for those who
have downloaded the malicious extensions recently, and are
concerned they might still be using it.

“If you were using any of these extensions installed directly
from the Microsoft Edge Addon store, we suggest removing them
from edge://extensions,” the developer wrote.

As we mentioned above, Microsoft has already removed the
extensions from the store and Edge browser will display a
warning if the extensions are found active in your system.

If you want to make sure that you’re safe, you can always
uninstall the extensions from the Microsoft Edge manually, and
reinstall the original version from the Chrome Store if you
really need those extensions.

While Microsoft shouldn’t be letting this sort of extensions
slip through its approval process, this is a common problem and
Chrome Store is also filled with fake extensions.

When installing any extensions from any store, you should
carefully look at the publisher name, their privacy policy,
examine the latest negative reviews, and make sure that the
browser is up-to-date. It’s also a good practice to avoid
unnecessary extensions.

Note that
Microsoft has also published Edge 87 update this week with
new security/privacy features and you should download it (if
you haven’t already).

About the Author: admin

i am as a writer and blogger...

Leave a Reply

Your email address will not be published. Required fields are marked *