Microsoft’s Edge browser has become the second-largest after giving up its engine and switching to Google’s open source Chromium core, now the second-largest after Chrome. Edge browser many advantages, compatible With Chrome plug-in is the most attractive place, and Microsoft’s app store can be accessed normally at home, so many people go to Microsoft official download plug-in, expand Edge features.
Some of Chrome’s well-known plug-ins are also popular at Edge, such as Proxy Switchy Omega, which many people download directly from Microsoft’s official store, and then the question comes that Edge’s proxy Switchy Omega is a ghost.
Although proxy Switchy Omega’s function works, the uploader has ulterior motives to add other code, V2EX has done an analysis of the Gods, compared to the background.html cited a script js/pic.js.
The author of this Ghost link-in is so cunning that the script is hidden as a PNG image file that many people can’t notice.
Simply put, now this Ghost plug-in will load the merchandise rebate code, when the user shopping unknowingly used this page to order, the author of the Li ghost plug-in will get a share.
If it’s just rebates, it’s possible to say that the plug-in has been added to other code.
In fact, this isn’t the first time anyone has revealed that the Edge Store’s Proxy Switchy Omega plug-in has malicious code, and it was mentioned earlier by someone who looked at the Microsoft page review, but now it seems like no comments are there.
It’s not just this plug-in that has a problem, the new Edge browser supports the Chrome plug-in, there have been a number of plug-ins exposed to similar problems, are plug-ins are added malicious code.
In this matter, Microsoft’s official Edge store audit is not strict or key ah, not only because of compatibility with Chrome, save the matter will be put down.