Any chance to take down extension that include malicious code?

%3CLINGO-SUB%20id%3D%22lingo-sub-1576341%22%20slang%3D%22en-US%22%3EAny%20chance%20to%20take%20down%20extension%20that%20include%20malicious%20code%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1576341%22%20slang%3D%22en-US%22%3E%3CP%3ESome%20one%20called%20%22edge%20ext%22%20was%20published%20a%20series%20of%20extension%20that%20include%20malicious%20code%2C%20it%20will%20redirect%20some%20request%20to%20other%20website.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EBy%20search%20with%20Google%20i%20believe%20this%20guy%20and%20his%20extension%20was%20reported%20as%20malicious%20at%20April%20on%20Microsoft%20Answer%20website.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAnd%20here%20is%20more%20discussion%20about%20malicious%20code%20in%20those%20extension%3A%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fgithub.com%2FFelisCatus%2FSwitchyOmega%2Fissues%2F2004%23issuecomment-667794533%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fgithub.com%2FFelisCatus%2FSwitchyOmega%2Fissues%2F2004%23issuecomment-667794533%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIs%20there%20any%20human%20behind%20the%20report%20abuse%20function%20inside%20extension%20store%3F%20Why%20extensions%20include%20malicious%20code%20can%20stay%20at%20store%20for%20such%20long%20time%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ESome%20of%20his%20modified%20extension%20with%20malicious%20code%3A%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSTRONG%3EDo%20NOT%20install%20any%20of%20extension%20listed%20below%2C%20they%20include%20MALICIOUS%20code!%3C%2FSTRONG%3E%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fmicrosoftedge.microsoft.com%2Faddons%2Fdetail%2Fproxy-switchyomega%2Fdijmmgblneagkcdganednabkbgjmceoe%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fmicrosoftedge.microsoft.com%2Faddons%2Fdetail%2Fproxy-switchyomega%2Fdijmmgblneagkcdganednabkbgjmceoe%3C%2FA%3E%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fmicrosoftedge.microsoft.com%2Faddons%2Fdetail%2Fcrxmouse%25E9%25BC%25A0%25E6%25A0%2587%25E6%2589%258B%25E5%258A%25BF%2Ffekmmgebpdphiffendgohmacpfhmakpk%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fmicrosoftedge.microsoft.com%2Faddons%2Fdetail%2Fcrxmouse%25E9%25BC%25A0%25E6%25A0%2587%25E6%2589%258B%25E5%258A%25BF%2Ffekmmgebpdphiffendgohmacpfhmakpk%3C%2FA%3E%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fmicrosoftedge.microsoft.com%2Faddons%2Fdetail%2Fbilibili%25E5%2593%2594%25E5%2593%25A9%25E5%2593%2594%25E5%2593%25A9%25E4%25B8%258B%25E8%25BD%25BD%25E5%258A%25A9%25E6%2589%258B%2Fkepfnmcbnphoodchhobgaahhjpihddjb%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fmicrosoftedge.microsoft.com%2Faddons%2Fdetail%2Fbilibili%25E5%2593%2594%25E5%2593%25A9%25E5%2593%2594%25E5%2593%25A9%25E4%25B8%258B%25E8%25BD%25BD%25E5%258A%25A9%25E6%2589%258B%2Fkepfnmcbnphoodchhobgaahhjpihddjb%3C%2FA%3E%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fmicrosoftedge.microsoft.com%2Faddons%2Fdetail%2F%25E5%25B9%25BF%25E5%2591%258A%25E6%258B%25A6%25E6%2588%25AA%25E7%25A5%259E%25E5%2599%25A8%2Foffklgmibadadggjapomilplemofakho%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fmicrosoftedge.microsoft.com%2Faddons%2Fdetail%2F%25E5%25B9%25BF%25E5%2591%258A%25E6%258B%25A6%25E6%2588%25AA%25E7%25A5%259E%25E5%2599%25A8%2Foffklgmibadadggjapomilplemofakho%3C%2FA%3E%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fmicrosoftedge.microsoft.com%2Faddons%2Fdetail%2F%25E7%2599%25BE%25E5%25BA%25A6%25E7%25BD%2591%25E7%259B%2598%25E5%258A%25A9%25E6%2589%258B%2Fdnkibfbfhpojimellklgfoellnimhfbg%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fmicrosoftedge.microsoft.com%2Faddons%2Fdetail%2F%25E7%2599%25BE%25E5%25BA%25A6%25E7%25BD%2591%25E7%259B%2598%25E5%258A%25A9%25E6%2589%258B%2Fdnkibfbfhpojimellklgfoellnimhfbg%3C%2FA%3E%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fmicrosoftedge.microsoft.com%2Faddons%2Fdetail%2F%25E5%259B%25BE%25E7%2589%2587%25E4%25B8%258B%25E8%25BD%25BD%25E5%258A%25A9%25E6%2589%258B%2Fhjcjofcinhoibakndhljfdpkddiagcjh%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fmicrosoftedge.microsoft.com%2Faddons%2Fdetail%2F%25E5%259B%25BE%25E7%2589%2587%25E4%25B8%258B%25E8%25BD%25BD%25E5%258A%25A9%25E6%2589%258B%2Fhjcjofcinhoibakndhljfdpkddiagcjh%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1577521%22%20slang%3D%22en-US%22%3ERe%3A%20Any%20chance%20to%20take%20down%20extension%20that%20include%20malicious%20code%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1577521%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F407649%22%20target%3D%22_blank%22%3E%40gocloud%3C%2FA%3E%26nbsp%3BOh.%20Wow.%20This%20is%20concerning.%20Thanks%20for%20letting%20us%20know.%20Hope%20they%20take%20care%20of%20this.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
Contributor

Some one called "edge ext" was published a series of extension that include malicious code, it will redirect some request to other website. 

 

By search with Google i believe this guy and his extension was reported as malicious at April on Microsoft Answer website.

 

And here is more discussion about malicious code in those extension: https://github.com/FelisCatus/SwitchyOmega/issues/2004#issuecomment-667794533

 

Is there any human behind the report abuse function inside extension store? Why extensions include malicious code can stay at store for such long time?

 

Some of his modified extension with malicious code: 

Do NOT install any of extension listed below, they include MALICIOUS code!

https://microsoftedge.microsoft.com/addons/detail/proxy-switchyomega/dijmmgblneagkcdganednabkbgjmceo...

https://microsoftedge.microsoft.com/addons/detail/crxmouse%E9%BC%A0%E6%A0%87%E6%89%8B%E5%8A%BF/fekmm...

https://microsoftedge.microsoft.com/addons/detail/bilibili%E5%93%94%E5%93%A9%E5%93%94%E5%93%A9%E4%B8...

https://microsoftedge.microsoft.com/addons/detail/%E5%B9%BF%E5%91%8A%E6%8B%A6%E6%88%AA%E7%A5%9E%E5%9...

https://microsoftedge.microsoft.com/addons/detail/%E7%99%BE%E5%BA%A6%E7%BD%91%E7%9B%98%E5%8A%A9%E6%8...

https://microsoftedge.microsoft.com/addons/detail/%E5%9B%BE%E7%89%87%E4%B8%8B%E8%BD%BD%E5%8A%A9%E6%8...

 

1 Reply
Highlighted

@gocloud Oh. Wow. This is concerning. Thanks for letting us know. Hope they take care of this.