Malware Found In Microsoft Edge Extension

Malware

See, this is why we can’t have good things! In what is very much the first such case, a malware has been found in an extension for the new Microsoft Edge web browser.

This latest arrival is on an upward swing, with the company update it with new features left and right.

Goes without saying that this ascent has been noticed by cybercriminals too, who are now targeting Edge with malicious code. Of course, the browser now runs on the same engine that powers Google Chrome, meaning it is capable of running any extension published in the Chrome Web Store.

Which, Microsoft, coincidentally, recommends.

At the same time, the company also maintains its own addons store, where it publishes extensions that have been previously verified and validated for Edge.

All this means that these extensions are prone to various infections that could end up with end users being exposed to malware.

And this is what recently happened.

An addon that went by the name of “Dark Theme for Edge” snuck up as a clone of the more famous Dark Reader extensions. And it came with code hidden in a PNG file that downloaded and executed other malicious code from a C&C server.

Once the attack was complete, the extension became capable of collecting data from webpages using fake forms, and then upload it to a server controlled by the attacked.

The usual stuff.

Luckily, the developer of the original addon quickly got in touch with Microsoft, and the software titan responded quickly and removed the extension from its store. Furthermore, in order to protect these computers, Redmond also uninstalled the extension from devices where it was previous deployed.

Users now see a warning that tells them that this extension contains malware.

Goes to show just how sneakily some malware can spread.

Before you go, would you like to get access to over 100 Windows 10 Training videos for just 129 $14.95?

There is a limited time sale on the Ultimate Windows 10 Training Collection and it's just $14.95 for lifetime access. Ultimate Windows 10 Training collection v2 Click here to redeem this special offer! (Opens in a new window).

More Related Articles

Leave a Reply

0 Shares
Tweet
Share
Pin
Share