The brand new Microsoft Edge browser relies on Chromium, the same engine that powers Google Chrome, so it’s capable of working an extension revealed within the Chrome Net Store.
However, on a similar time, Microsoft additionally maintains its personal add-on shops the place the corporate says it’s solely publishing recommended extensions which were beforehand verified and validated for its browser.
Solely that similar to it occurs within the case of Google Chrome and Mozilla Firefox, Microsoft Edge extensions are inclined to varied infections that might find yourself with users being uncovered.
And that is what occurred lately when malicious code was found in a clone of the extra famous Dark Reader extension.
Referred to as “Dark Theme for Edge,” the knockoff got here with code hidden in a PNG file that powered the downloading and execution of different malicious code from a C&C server. When the assault was full, the extension was able to accumulate knowledge from webpages utilizing pretend types after which add it to a server controller by the attacker, the dev of Dark Reader explains.
Microsoft already eliminated the extension
Related clones had been additionally found within the extension shops maintained by Google and Mozilla, and the developer says he really reached out to each firm in April. However, Microsoft has only recently been focused, so an analogous message was despatched to the software program large too.
The excellent news is that Microsoft responded shortly and eliminated the malicious extension from its retailer. Moreover, the corporate has additionally uninstalled the extension from units the place it was beforehand deployed in an try to guard these computer systems, so customers will now see a warning that “this extension accommodates malware.”
At the time of writing, the malicious Dark Reader clones have additionally been banned from the Google Chrome Web Store and Mozilla add-on store.