Microsoft Removes 119 Edge Extensions That Hid Malware in Images and Fonts
Microsoft removes 119 Edge extensions after two-year malware campaign disguised as harmless tools
Velocity
How fast coverage is spreading — measured hourly from article rate × source diversity. How this works →
The brief
Microsoft has removed 119 extensions from its Edge browser store, all part of a campaign called **StegoAd** that hid malware in images and fonts. The extensions, which promised productivity or utility features, instead stole user credentials and facilitated ad fraud, according to cybersecurity researchers.
Security-focused outlets—including *Malwarebytes*, *Security Affairs*, and *The Hacker News*—emphasize the scale of the operation and its reliance on **steganography** (hiding data within images or fonts). Watch for follow-up reports on whether similar threats exist in other browsers or app stores.
Microsoft’s response—including potential policy changes for extension vetting—will be critical. Cybersecurity firms may also release deeper technical analyses of the StegoAd infrastructure.
Synthesized by headlinez.news from the headlines below under a strict no-invention contract. ✓ fact-checked: unsupported claims removed (75% supported) Updated just now.
Quick answers
How did the malware evade detection for so long?
The malware used **steganography**, embedding malicious code within images and fonts—methods that bypassed traditional antivirus scans focused on executable files.
Are other browsers affected?
Coverage does not yet specify whether this campaign targeted other browsers, though the focus remains on Microsoft Edge extensions.
Will Microsoft change its extension approval process?
No details on policy changes have been released, but the removal suggests internal reviews of extension security protocols may follow.
Coverage (5)
- 119 Edge extensions promised useful tools, instead downloaded malware Malwarebytes · 12h ago
- Microsoft Stock (NASDAQ:MSFT) Slips After Pulling 119 Edge Extensions TipRanks · 12h ago
- StegoAd: How 119 Fake Browser Extensions Stole Credentials and Ran Ad Fraud for Two Years Security Affairs · 12h ago
- Microsoft takes down StegoAd operation Risky Business Newsletters · 12h ago
- Microsoft Removes 119 Edge Extensions That Hid Malware in Images and Fonts The Hacker News · 12h ago
Topics
Related trends
Iranian agents lived in Australia before directing attacks on Sydney and Melbourne, spy chief says
Australia's intelligence chief reports Iranian agents resided in the country while orchestrating attacks on Jewish targets in Sydney and Melbourne.
GTA 6 Malware and Scammers Are Targeting PC and Android Users
Cybersecurity threats are rising as fraudulent GTA 6 early access invites target PC and Android users globally.