Microsoft has a serious problem with fake extensions of the proletterof the Edge browser hosted on the company's store.
After removal of many fake and dangerous extensions last week, Microsoft again had to remove a fake extension. Last week, it became known that several fake extensions were removed by Microsoft. They were made to look like extensions from legitimate services (uBlock Origin, VPN services NordVPN, Adguard VPN and TunnelBear VPN and many other regular browser extensions).
Many companies and developers have not developed extensions for Microsoft Edge or have not ported their existing extensions to the Microsoft Store. Fake extensions are created and uploaded by third-party developers. They all used the names of the popular ones productof, likely causing Microsoft Edge users to install them unchecked. These extensions redirect searches made to browser at OKSearch.
The developers of Windscribe (a popular VPN application) revealed yesterday that their service was also targeted. A fake Windscribe extension was uploaded to the Microsoft Store, and like many others, it was accepted by Microsoft.
Someone uploaded a modified version of the extension and the company approved it without any scrutiny, or if it was scrutinized it was not enough. The extension does not appear to contain any malware at first glance, however it would be good to change your Windscribe password if you are using the extension.
Microsoft, meanwhile, has labeled the fake extension malicious. As a result, the extension is no longer available and users who have it installed will see it as disabled.
Η real Windscribe extension is still waiting in the queue for review by Microsoft.
Microsoft's audit process did not detect any fake extensions released in the company's store in the last two weeks. It seems that the company should change the control process, and even immediately.