A subsequent investigation found multiple abusive extensions that had been uploaded on Microsoft's new fledgling Edge Add-ons portal.
According to a list shared by a Microsoft community manager, the 18 extensions can be grouped into two categories. The first one is for extensions that tried to pass as the official versions of various apps, even if those apps didn't have official versions for Edge. This included:
Ublock Adblock Plus
The second list contained extensions that were copied from authentic Chrome extensions, ported to Edge, and then had malicious code inserted. This included:
The Great Suspender
Floating Player - Picture-in-Picture Mode
Go Back With Backspace
friGate CDN - smooth access to websites
Full Page Screenshot
One Click URL Shortener
Guru Cleaner – cache and history cleaner
Grammar and Spelling Checker
Enable Right Click
Night Shift Redux
Old Layout for Facebook
"If you were using any of these extensions installed directly from the Microsoft Edge Addon store, we suggest removing them from edge://extensions," Microsoft said last month.
The findings highlight that even with a small userbase, Edge has already piqued the interest of cybercrime groups that have been flooding the Chrome and Firefox extension stores with malicious add-ons for the past decade.
As the browser continues to see its usage numbers grow, these types of incidents are expected to become more common, as malware authors usually go where the users are.