Skip to main content

Fake VPN add-ons hit Microsoft Edge browser store

(Image credit: Shutterstock)

Reports are emerging of fake VPN extensions cropping up on the Microsoft Edge store. The malicious add-ons were found to be injecting suspicious ads into search results or redirecting users to entirely unwanted search engines altogether.

Users first started noticing that something wasn’t right when they found that their Google searches were being redirected to a site called ‘OKSearch’. Closer inspection identified that the extension had some code relating to the obscure search portal in the sources tab of its developer tools.

Carrying out further sleuthing, a number of Reddit users discovered five fake VPN extensions on the Edge store displaying this behavior: Nord VPN, Adguard VPN, TunnelBear VPN, The Great Suspender and Floating Player — Picture-in-Picture Mode. All five of the add-ons mimic the names of legitimate VPN extensions exactly, making them difficult to spot unless you go through the negative customer reviews.

Fake extensions

Microsoft has now removed all five offending add-ons from the Edge store and anyone that is still using them is advised to uninstall. A Microsoft Edge warning will appear if any of the extensions are found active in your system.

The problem that Microsoft has, and which other browser developers have experienced, is that the extensions ecosystem is an extremely open one. Anyone can submit an extension, which puts a lot of responsibility on the likes of Microsoft, Google and Mozilla to authenticate each submission. Occasionally a fake slips through the net.

If you notice your browser behaving strangely, it’s always a good idea to try removing any recently installed extensions. If the problem disappears, it’s a fairly safe bet that the extension was to blame.

Via Techdows