After Google Chrome and Mozilla Firefox, malicious add-ons have now made their way into the Edge browser. Microsoft has recently removed 18 Edge extensions after they were found injecting ads to users’ browsing sessions.
Recently, numerous Microsoft Edge users flooded Reddit with complaints regarding abusive extensions. As reported by ZDNet and highlighted by the users, the add-ons injected ads during the usual browsing sessions. Particularly, this behavior ruined their Google search experience.
I have an issue that’s popped up literally today where when I Google search something, clicking on a result will occasionally redirect me to an advertisement. I’m not sure what the cause is here, but I suspect it’s Edge. I haven’t installed anything in the past several weeks other than Tetris Effect Connected, and the issue only began to happen after Windows auto restarted outside of active hours to update (a feature that I turn off, but somehow always finds its way back on again).
This is one of the links I got from clicking on a result:
https://www.shopify.com/free-trial?jk=%27%2Becwid&utm_source=yabing&utm_medium=cpc&utm_campaign=128723187&bingadgroupid=3972641419&bingadid=77309448943672&bingkeywordid=77309605121360&bingnetwork=s&BOID=none&msclkid=0465c5063196163c898f9aa80d8367af&gclid=CIPKg-SF_-wCFfYJiAkd6F0Mog&gclsrc=ds
I have also gotten other ads too, but this one here has hit me three times. I’ve run four malware removal tools, none of them found anything (ADWCleaner, Malwarebytes, ESET, and Windows Defender).
I’ve got a high suspicion Edge itself is doing this because it only begun happening after Edge applied an update, and the update and Tetris Effect are the only two things I’ve installed in weeks.
Any help would be appreciated, thank you!
For a 1-2 weeks, about once a day I’ll click on a link in a Google Search and instead it will redirect to https://oksearch.org/xa2/click.html ?<more here>, which then itself redirects to another site. The redirect varies — once it was Amazon, another time it was zoo.com, another time it was publicrecords.info. I cannot reproduce this; it just happens sometimes.
I’m on Windows 10 Pro, build 19042.630.
I’m using Microsoft Edge browser version 86.0.622.69, and haven’t installed any new extensions recently. Complete list of installed Edge extensions: HTTPS Everywhere, Mendeley Web Importer, Privacy Badger, Tampermonkey (I wrote the scripts), The Great Suspender, uBlock Origin, Decentraleyes, Kee.
I don’t recall installing any new software in the past month. Nothing in the list of “Apps & features” is unfamiliar to me.
What I’ve tried: (none found any issues)
​
I found a post here from a week ago on the same topic, but there wasn’t any resolution (cached version of the original post here ). I also found a thread from another site (written in German) from Friday with the same problem, but again no resolution.
​
Any ideas? Thank you!
As the users kept posting about such things on the Edge subreddit, Microsoft took notice of the complaints and started investigations.
It turned out that multiple malicious extensions had appeared on the Microsoft Edge add-ons portal.
The tech giant found around 18 extensions exhibiting malicious behavior. They could classify them into two different categories.
The first category included extensions that impersonated otherwise legit services to trick users. Though, the official add-ons for those companies didn’t exist on the Edge portal. These extensions include,
Whereas, the other category included add-ons that appeared on Edge after copying the ones from Chrome. However, they then included malicious codes on Edge versions. These included the following add-ons.
Upon investigating the matter and identifying the malicious add-ons, Microsoft removed all 18 of them from the Edge portal.
Nonetheless, these browser add-ons may still run on the users’ devices. Hence, all Edge users must review the extensions installed on their browser. And, if they find any suspicious add-on running, remove it immediately.
Microsoft has also recommended the same.
If you were using any of these extensions installed directly from the Microsoft Edge Addon store, we suggest removing them from edge://extensions.
the dump synchrony bank login altenen accounts and database