Microsoft Removes 119 Edge Extensions That Hid Malicious Content in Images and Fonts
Browser-extension enforcement action at scale from Microsoft. The company pulled 119 Edge add-ons that concealed payloads inside image and font files, with a combined install base reported at up to 2.6 million, and suspended the developer accounts behind them.
REDMOND, WASHINGTON — Microsoft on June 29, 2026 said it had removed 119 extensions from the Edge Add-ons store that hid malicious content inside ordinary image and font files, ending a long-running operation its researchers track as StegoAd. The company said the extensions, which presented themselves as ad blockers, VPNs, translators, video downloaders and other everyday utilities, carried a combined install base reported at up to 2.6 million users, and that it had also suspended the 90-plus developer accounts behind them.
The action is a vendor-enforcement story rather than a single-vulnerability disclosure, but its scale and technique make it notable. Microsoft says the operation used steganography — the practice of concealing data inside other files — to tuck executable logic into PNG, WebP and WOFF2 assets that read as normal extension resources, and that the malicious behavior stayed dormant for days after install to evade review. The same playbook, Microsoft says, reached Chrome and Firefox as well, which turns the takedown into a broader prompt to revisit browser-extension policy across the browsers an organization actually runs.
At a Glance
| Field | Details |
|---|---|
| Vendor | Microsoft |
| Action | Removed extensions from the Edge Add-ons store; suspended 90+ developer accounts |
| Count | 119 extensions |
| Technique | Steganography — payloads hidden in image (PNG, WebP) and font (WOFF2) files |
| Installs | Up to 2.6 million (reported, combined) |
| Parallel exposure | Microsoft says the operation also extended to Chrome and Firefox |
| Status | Removed from the Edge store; tracked by Microsoft as StegoAd |
What Microsoft Removed
In research published under the name StegoAd, Microsoft said it had removed all 119 extensions tied to the operation from the Edge Add-ons store and suspended the more than 90 developer accounts associated with them. The company describes StegoAd as a single, long-running effort it attributes to one threat actor active since at least 2021, and frames the takedown as an enforcement action against an operation that had repeatedly cleared the store's review process.
The extensions did not look malicious on the surface. According to Microsoft, they posed as the kinds of utilities people install without much thought — ad blockers, VPNs, translators, video downloaders, calculators and coupon tools — and many of them performed their advertised function, accumulating reviews and installs that lent them an air of legitimacy. Microsoft says the actor also manipulated installation counts to inflate perceived popularity, a tactic that nudges cautious users toward trusting an add-on. Combined, the 119 extensions carried an install base Microsoft reported at up to 2.6 million.
The defining feature of the campaign is how it concealed its payload. Microsoft says the operation used steganography to hide executable content inside image and font files — PNG and WebP images and WOFF2 font files — so that the malicious logic traveled as what appeared to be ordinary extension assets rather than as recognizable code. The company says the behavior stayed dormant for a period after installation, reported as roughly three to five days, and that the extensions watched for signs of analysis, extending their dormancy when they detected developer tools open. The observed activity, according to Microsoft, ranged from ad fraud — injected advertising and hijacked affiliate commissions — to credential and cookie harvesting and remote code execution capabilities.
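A first triage check for the three asset types Microsoft names, as an added example rather than Microsoft's own tooling: PNG, WebP and WOFF2 containers each declare where they end, so bytes past that point are worth a look. The write-up does not say how StegoAd embedded its payloads, so this is a generic heuristic (a hit means "inspect by hand", a clean result proves nothing), and the sample PNG builder is constructed here for illustration.

```python
import struct
import zlib

# Heuristic check for the asset types named in Microsoft's StegoAd research
# (PNG, WebP, WOFF2). Each container declares where it ends, so bytes past that
# point are a cheap signal that something was appended. Added example, not
# Microsoft's detection logic: the write-up does not say how the payloads were
# embedded, so treat a hit as "inspect this file" and a miss as no verdict.

PNG_SIG = b"\x89PNG\r\n\x1a\n"

def png_declared_end(data: bytes) -> int:
    """Walk the chunk list and return the offset just past the IEND chunk."""
    pos = len(PNG_SIG)
    while pos + 8 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        pos += 8 + length + 4  # length/type header, payload, CRC
        if ctype == b"IEND":
            return pos
    raise ValueError("PNG has no IEND chunk")

def declared_end(data: bytes) -> int:
    """Offset at which the container itself claims the file ends."""
    if data.startswith(PNG_SIG):
        return png_declared_end(data)
    if data[:4] == b"RIFF" and data[8:12] == b"WEBP":
        riff_size = struct.unpack("<I", data[4:8])[0]  # bytes after the 8-byte header
        return 8 + riff_size + (riff_size & 1)  # RIFF pads odd sizes by one byte
    if data[:4] == b"wOF2":
        return struct.unpack(">I", data[8:12])[0]  # WOFF2 'length' = total file size
    raise ValueError("not a PNG, WebP or WOFF2 container")

def trailing_bytes(data: bytes) -> int:
    """Number of bytes after the declared end of the container (0 for a clean file)."""
    end = declared_end(data)
    if end > len(data):
        raise ValueError("container declares more bytes than the file holds")
    return len(data) - end

def build_sample_png(extra: bytes = b"") -> bytes:
    """Constructed sample: a 1x1 grayscale PNG, optionally with data appended."""
    def chunk(ctype: bytes, payload: bytes) -> bytes:
        body = ctype + payload
        return struct.pack(">I", len(payload)) + body + struct.pack(">I", zlib.crc32(body))
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)  # 1x1, 8-bit depth, grayscale
    idat = zlib.compress(b"\x00\x00")  # one filter byte plus one pixel
    return PNG_SIG + chunk(b"IHDR", ihdr) + chunk(b"IDAT", idat) + chunk(b"IEND", b"") + extra
```

Run `trailing_bytes` over every image and font asset unpacked from an extension package and review any file that reports a non-zero count.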
End-User Awareness Implications
For the people who installed these add-ons, the uncomfortable lesson is that the usual trust signals failed. The extensions sat in an official store, carried reviews, showed healthy install counts and did what they promised — every cue a careful user is told to look for. Microsoft's account indicates that several of those signals were either earned through genuine functionality or manipulated outright, which means the surface-level checks most users rely on offered little protection here.
That does not make user judgment irrelevant, but it does shift where the emphasis belongs. The more durable habits are about restraint and review: installing the smallest number of extensions that a task genuinely requires, periodically auditing what is already installed and removing anything unused, and treating broad permission requests as a reason to pause rather than a formality to click through. Steganographic delivery of the kind Microsoft describes is invisible to an end user by design, so the realistic individual defense is reducing the attack surface — fewer extensions, fewer permissions, fewer dormant add-ons accumulating in a browser profile. The same caution applies to the lookalike-installer and trojanized-tool lures that have surfaced elsewhere this year.
It is also worth being clear about what an individual cannot reasonably be expected to catch. A payload hidden in a font glyph range that reads as ordinary text, behind a multi-day dormancy timer and an anti-analysis check, is not something a user can spot by reading a permissions dialog. That is precisely why the responsibility for this class of threat sits heavily with the store operators and platform vendors who can inspect, sandbox and de-list at scale — and why an enforcement action like this one matters as much as any single piece of user advice.
Browser-Extension-Policy Review Across Organizations
For organizations, the takedown is a useful occasion to ask a question many extension policies leave unanswered: who decides what employees may install in a managed browser, and how is that decision enforced? Browser extensions occupy a privileged position — they can read and modify page content, observe browsing, and in some cases reach credentials and session cookies — yet they often fall outside the software-approval processes applied to conventional applications. A campaign that hid in plain sight in an official store, behind functional utilities and inflated install counts, is a reminder of how little signal the store listing alone provides.
Practical controls exist on both major engines. Chromium-based browsers, including Edge and Chrome, support enterprise policies that can allow or block extensions by ID, restrict installation to an administrator-curated allowlist, or limit installs to specific stores; equivalent controls are available for Firefox. Organizations that have not yet decided where on that spectrum they want to sit — open installation, allowlist-only, or somewhere between — can use this event to make that call deliberately rather than by default. An allowlist is more work to maintain, but it changes the security question from "is this specific add-on malicious?" — a judgment that StegoAd shows is hard to make from a listing — to "is this add-on on our approved list?"
Inventory is the companion task. Many environments simply do not know which extensions are installed across their fleet, which makes responding to an enforcement action like this one slower than it needs to be. Building or refreshing that visibility — what is installed, with what permissions, on which browsers — is the step that turns a vendor takedown into something an organization can act on, by checking its own estate against the removed set rather than assuming a clean bill of health. The same discipline of knowing what is running and on what version underpins responses to other supply-side incidents, including the malicious-package removals that have run through developer ecosystems this year.
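An inventory pass of the kind described above, as an added example and not Microsoft tooling: it reads each extension's manifest from a Chromium-based profile (Edge, Chrome), records permissions across both the Manifest V2 and V3 layouts, and marks any ID found on a supplied list. The profile directory layout and the FLAGGED_IDS placeholder are assumptions; the write-up lists no extension IDs, and Firefox (which keeps its add-on list in extensions.json) is not covered.

```python
import json
import sys
from pathlib import Path

# Extension inventory for a Chromium-based browser profile (Edge, Chrome),
# checked against a set of extension IDs you want to find. Added example, not
# Microsoft tooling. The write-up names no extension IDs, so FLAGGED_IDS is a
# placeholder for the IDs from the vendor research or your own blocklist.
# Assumed layout (standard Chromium): <profile>/Extensions/<id>/<version>/manifest.json
# e.g. Edge on Windows: %LOCALAPPDATA%\Microsoft\Edge\User Data\Default
#      Edge on Linux:   ~/.config/microsoft-edge/Default

FLAGGED_IDS = {"PLACEHOLDER_EXTENSION_ID"}  # placeholder, not a real ID

# Permissions worth a second look given the behaviour Microsoft describes
# (page content, cookies, credentials). A triage priority, not a verdict.
HIGH_RISK = {"cookies", "webRequest", "webRequestBlocking", "scripting",
             "tabs", "webNavigation", "<all_urls>", "*://*/*"}

def classify(ext_id: str, manifest: dict, flagged_ids=FLAGGED_IDS) -> dict:
    """Summarise one manifest. MV2 keeps host patterns in 'permissions';
    MV3 moves them to 'host_permissions', so both keys are read."""
    perms = {p for p in manifest.get("permissions", []) if isinstance(p, str)}
    perms |= set(manifest.get("host_permissions", []))
    return {
        "id": ext_id,
        "name": manifest.get("name", "?"),  # may be a __MSG_*__ locale key
        "version": manifest.get("version", "?"),
        "manifest_version": manifest.get("manifest_version"),
        "permissions": sorted(perms),
        "high_risk": sorted(perms & HIGH_RISK),
        "flagged": ext_id in flagged_ids,
    }

def inventory(profile_dir: str, flagged_ids=FLAGGED_IDS) -> list:
    """One record per installed extension version under the profile."""
    records = []
    for mpath in sorted(Path(profile_dir).glob("Extensions/*/*/manifest.json")):
        try:
            manifest = json.loads(mpath.read_text(encoding="utf-8"))
        except (OSError, ValueError):
            continue  # unreadable manifest: skipped here, but note it during triage
        records.append(classify(mpath.parent.parent.name, manifest, flagged_ids))
    return records

if __name__ == "__main__":
    for rec in inventory(sys.argv[1]):
        mark = "FLAGGED" if rec["flagged"] else ("review" if rec["high_risk"] else "ok")
        print(f'{mark:8} {rec["id"]} {rec["name"]} v{rec["version"]} '
              f'(MV{rec["manifest_version"]}) {",".join(rec["high_risk"])}')
```

Run it once per browser profile on each endpoint and collect the output centrally to get the fleet-wide view the article calls for.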
Parallel Exposure Across Other Browser-Extension Stores
The most consequential detail for risk scoping is that Microsoft does not describe StegoAd as an Edge-only problem. The company says the operation also extended to Chrome and Firefox, and that the actor adapted its techniques across the Manifest V2 to Manifest V3 transition that has reshaped how extensions are built. Because the steganographic delivery method is fundamentally about hiding code in files that any Chromium-based browser will load, the technique is not specific to Edge — a point that echoes the cross-ecosystem reach seen in other recent supply-chain enforcement actions.
What is confirmed at the time of writing is Microsoft's enforcement action on its own store: the 119 Edge extensions removed and the developer accounts suspended. The reach into Chrome and Firefox is described by Microsoft as part of the same operation, but this reporting does not establish the scope of any parallel removals by Google or Mozilla, the precise number of corresponding extensions on those stores, or whether those listings have been taken down. Organizations should treat the cross-browser dimension as a reason to review Chrome and Firefox extension hygiene on their own initiative rather than waiting for a per-store all-clear that this report does not provide.
That distinction matters for how the action is read. The headline figure — 119 — is an Edge-store count, and the up-to-2.6-million install figure is reported as the combined reach of those extensions. The broader claim that the operation spanned multiple browsers should be carried as Microsoft's characterization of the actor, not as a confirmed enumeration of removals elsewhere.
Open Questions
Several points remain open. This account rests substantially on Microsoft's own research and the reporting that followed it; an independent researcher is credited with first publishing indicators of the campaign earlier in 2026, but the detailed technical narrative and the enforcement figures come from the vendor. The 119 count and the up-to-2.6-million install figure are Microsoft's, and the company frames the install number as an upper bound rather than a precise total of affected users, which is a meaningful distinction when reasoning about real-world impact.
It is also not established from this reporting how many users were actively running an affected extension at the moment of removal versus how many had installed one at some point over the campaign's multi-year run, nor what fraction of installs reflected the inflated counts Microsoft describes. The cross-browser scope — how many corresponding extensions reached Chrome and Firefox, and what those stores have done in response — is likewise characterized rather than enumerated here.
What is confirmed is enough to act on: a vendor has removed 119 extensions from its official store, suspended the accounts behind them, and described a technique that defeats the surface-level trust signals users are taught to check. The prudent reading is to treat the action as a trigger for a browser-extension-policy review that spans every browser an organization runs — taking inventory, deciding where on the allowlist spectrum to sit, and trimming unused add-ons — rather than as an Edge-specific cleanup that ends when the store listing disappears.