Back in December, Microsoft Edge Addon Store went live for the public with around 160 extensions. Since then, the number has grown and in March, it passed 1,000 extensions. However, not all the extensions were created in good faith.
Back in April, developer of the popular dark mode extension published a blog post cautioning users about the malicious extensions published on the Edge Add-on Store with the same name. The developer reached out to Microsoft has shared information regarding the malicious extensions and how to quickly analyse the code and remove extensions. It looks like the company followed through, as last night the developer confirmed the removal of various extensions from the Add-on Store.
The developer also confirmed that similar attacks happened on Chrome and Firefox as well. However, both Mozilla and Microsoft removed the malicious extensions but it’s worth checking if you’re using the right extension. Microsoft recently added user ratings and reviews to the Edge Add-on Store so it’s a good idea to check those before downloading and installing a new extension.