Back in December, microsoft’s Edge plug-in store went live for the first time, with about 160 extensions coming online. Since then, that number has grown, and by March, the number had exceeded 1,000. However, not all extensions are well-intentioned. In April, the developer of the popular Dark Mode extension posted a blog post alerting users to the malicious extension of the same name published on the Edge plug-in store.
The developer contacted Microsoft to share information about malicious extensions and how to quickly analyze code and remove extensions. Microsoft has since followed up on the matter, and last night the developer confirmed that various counterfeit and malicious extensions had been removed from the plug-in store.
The developer also confirmed that similar plug-ins containing malicious behavior also occur on Chrome and Firefox. However, both Mozilla and Microsoft have removed these malicious extensions, but users still need to check that the correct extensions are being used.
To further improve quality, Microsoft recently added user ratings and reviews to the Edge plug-in store, so it’s a good idea to read them before downloading and installing new extensions.