Firefox and Chrome users have often fallen prey to false redirection and malicious web browser extensions. Edge users are now reporting the same issue, which appears to be occurring more frequently. These add-ons are usually camouflaged as legit websites with a URL to a real website.
Edge users fell prey to malicious browser extensions
However, users get redirected to other unrelated websites upon clicking on them. Some of these sites are abusive and, in one worst-case scenario, fraudulent.
Online users via a Reddit forum discussion realized that this was actually a common problem linked to five Edge extensions identified as:
- The Great Suspender,
- Nord VPN,
- Floating Player – Picture-in-Picture Mode,
- TunnelBear VPN, and
- Adguard VPN, redirecting users to oksearch[.]com
These were not genuine extensions from the real developers.
A representative from TunnelBear acknowledged the problem saying that the add-on extension hosted on Microsoft edge was not their own. They stated that it was not rare to find online imposters targeting credible sites for their benefits. Adguard VPN said they were working towards removing the add ons while looking into the issue.
A statement was also released by the NordVPN representative stating that they discovered the fraudulent link and immediately removed it. The other two sites have since not responded to the matter.
This remains to be an unsolved problem that could easily recur. This is because Microsoft and Google are yet to develop a system to authenticate these links before they are available online as anyone can submit a link. Due to this insecure loophole on the web, imposters take advantage of this and use real sites that people are likely to click on as clickbait to generate revenue from increased ad clicks. While there is no direct harm caused by the redirection, there is a risk of compromised privacy security and unknown third parties managing users’ themes and extensions.
This leaves online users’ responsibility only to install extensions they require and check for any signs or reviews that may be a red flag of compromised extensions before adding them.
