Microsoft also becomes a target for fraudulent browser extensions

Get a free Techzine subscription!

Microsoft Edge joins Firefox and Chrome in the fight against abusive add-ons.

For years, Google and Mozilla have been trying to prevent fraudulent browser extensions from infiltrating their official repositories. These fake extensions can range from a nuisance to outright malicious threats to their browser users.

Now Microsoft has joined in the fight against these bad actors.

Microsoft has been aggressively pushing its new Chromium-based Edge web browser. The company has promoted Edge as fully-featured and able to compete with market leaders like Google Chrome and Mozilla Firefox.

Well, Edge may have finally arrived in the big leagues. Like their rivals, Edge browsers have become the target of some bad actors on the Internet. The number of these malefactors pushing fake copies of popular add-ons for Edge is rising, and users are starting to notice – and complain.

Users start to notice the problem

It started when Microsoft users in website forums started to complain about Google searches being redirected to oksearch[.]com when they use Edge. They also noticed that the searches often use use cdn77[.]org for connectivity.

Participants in this Reddit discussion eventually determined that the redirections were not isolated incidents.

They then drew up a list of five suspect extensions that were causing the problem:

NordVPN
Adguard VPN
TunnelBear VPN
The Great Suspender
Floating Player — Picture-in-Picture Mode

Microsoft issued a statement saying, “We’re investigating the reported extensions listed and will take action as needed to help protect customers” The statement follows comments in this Reddit comment in which someone identifying herself as a community manager for Microsoft Edge said the company is in the process of investigating the extensions.

Add-ons have always been dicey

Industry analysts have long criticised browser add-ons for their extremely weak vetting process. Basically, anyone can submit add-ons to the Chrome or Edge web stores. Developers can even submit extensions under fake names and identities. The browser add-on “market” has thus plagued browser providers for some time as they try to purge the illegitimate extensions from their respective repositories.

Microsoft is going to have to take up this housecleaning campaign as well, especially as it pushes Edge to more users. The growing popularity of Edge means that these malefactors now have more potential victims.

Tip: Are browser extensions still safe to use?