After Chrome and Firefox; fake add-ons turn up to Microsoft’s Edge

Samuel Walker  - Technology Policy Researcher
Last updated: November 6, 2023
Microsoft edge fake add ons
  • Microsoft Edge users have reported security infringements on its Chromium-based Edge web.
  • The alleged claims from the users reflect that Google searches are being redirected to oksearch[.]com when using Edge.
  • Microsoft officials have instructed edge users to turn off their extensions if they see any sort of ads injections.

Microsoft is highly known for Windows, computer software, and cloud services. The company also entered into the web browsing network coming up against the leading browsers like Google Chrome and Mozilla Firefox.

With that, Microsoft is also up against a big battle in keeping away the abusive add-ons.

Google and Firefox have resisted such malicious and unusual activities for many years. The fake extensions can cause a serious threat to your personal dataspace. Now Microsoft has encountered such malware, too, that can harm and breach an individual’s personal information.

Microsoft Chromium-based Edge web has built-in tools that provide immediate access to users. Bill Gates-founded tech giant claims to have the most secure and advanced browsing features.

Add-ons have played a big role in helping users with additional features. For instance, VPN extensions are easy to access just like on Chrome web, one click away from activation. Though browser add-ons and extensions have become old-fashioned, some people still vow on their wide range of features.

With increasing popularity, Edge’s problems are also rising up.

Edge users facing redirection issues

Over the past several days, Edge users have come across some unusual injections.

Users have complained that they keep getting redirected to other sites. The most common link they are redirected to is oksearch[.]com. As per the reports, sometimes the searches use cdn77[.]org for connectivity.

Users on Reddit expressed their issues while using the Edge browser.

Many bogus extensions were found on the add-ons store for Microsoft Edge. All the victims faced a similar issue of fake add-ons. The extensions were in the name of popular and legitimate developers, but they were nothing, just imposters.

Users observed some well-known VPNs’ fake extensions including NordVPN, TunnelBear VPN, Adguard VPN. A couple of other utilities noted were ‘Floating Player — Picture-in-Picture Mode’ and ‘The Great Suspender.’

The attackers are using the names of these companies to make money.

If someone uses these VPN extensions, it might direct them to OKSearch. A large pool of people using such fake extensions means that they see more ads. And, more ads means attackers would earn more money.

Microsoft has just updated its Edge browser’s version to 86.0.622.69. One of the users claimed that the redirecting was not happening after the update. However, the issues occurred before the update.

“I am also using Edge, which just updated itself to 86.0.622.69. The redirect hasn’t happened on this update yet, but it’s only been 10 minutes.”

Other users replied that despite the update, this issue was still occurring. It’s still worrying Edge users.

What’s Microsoft’s take on this?

Microsoft took quick action against this issue and have discarded the problematic extensions. However, the company has insisted on turning off such extensions if someone still faces any issues.

A Reddit user named MSTFMissy claimed to be Microsoft’s representative and stated:

“The team just updated me to let me know that anyone seeing these injections should turn off their extensions and let me know if you continue to see them at that point.”

Bill Gates-founded tech giant has ensured that such types of extensions have been disabled on Edge. The company is investigating the scale of this cyberattack, and they will continue to take action as required.

With the extension issue still under investigation, Edge’s latest update has brought an annoying feature. A user may struggle to copy and paste URLs through its new feature called “Friendly URLs.” This cannot be very pleasant for those users who want to copy raw web addresses.

Editor’s note: The news was updated on November 30, 2021, to update the dead link about Microsoft messing up how users can now copy/paste URLs.

Share this article

About the Author

Samuel Walker

Samuel Walker

Technology Policy Researcher

Sam Walker is a tech-focused writer who has traveled the world but currently lives in Australia. He has a keen interest in digital privacy and security. Sam loves testing new technology and researching the latest security trends to keep others informed (and ultimately safe) online.

More from Samuel Walker


No comments.