Microsoft Removes 119 Edge Extensions That Hid Malware in Images and Fonts

Summary

Microsoft has removed 119 malicious extensions from its Edge Add-ons store that hid malware within image and font files. These extensions, collectively named StegoAd by Microsoft, were designed to steal credentials and engage in ad fraud, and had been active since at least 2021.

IFF Assessment

FOE

The discovery and removal of malicious extensions that steal credentials and commit ad fraud represent a win for defenders.

Defender Context

This incident highlights the ongoing threat of malicious extensions in browser add-on stores, emphasizing the need for users to be cautious about what they install. Defenders should be aware of steganography techniques used to conceal malware and educate users on best practices for browser security.
