Microsoft Edge Fails On Security – Promoting Malicious Websites

Microsoft’s Defender has been making news in security with its paid options. The Microsoft VPN service integrated into its Edge browser captures the market share. It seems Microsoft is hell-bent on providing security to its users with improvements. However, a recent incident has shaken that belief and can shatter Microsoft’s image of providing security to its users.

According to the latest report published by Malwarebytes, Microsoft Edge has been observed to display malicious ads on its news feed. It seems unintentional; the tech conglomerate allowed third parties to distribute malicious ads on Microsoft Edge’s News Feed, tricking users into believing their PC was under attack. These articles appear to be regular ones at first sight, but when you click on them, a fake window locker attack website will take you and instruct you to call a fake tech support number to “repair the problem.”

Microsoft Edge Fails On Security
Image Courtesy: NEOWIN

How Do These Misdirects Work?

The malware is an intelligent one in how it functions, according to Malwarebytes. The malicious ad banner only drives potential targets to the tech help fraud page. Bots, VPNs, and geo-locations are simultaneously shown on the Taboola ad network’s actual ad page. The business says that a base64-encoded JavaScript string is used to help with the difference.

Malwarebytes was able to compile more than 200 unique hostnames in under 24 hours. Perhaps not entirely shockingly, one of the related domains is connected to a person who seems to be the director of a software company based in Delhi, India. 

To determine whether the agent who clicked on it was a person or a bot, the attack searches through the browser data of that agent. If it’s a bot, the malicious ad loads a valid article instead of the phony browser locker page to make the bot believe it’s safe. Only when a person clicks does the trap open.

Here is an image that will explain the workings of this malware attack.

Microsoft Edge Fails On Security
Image Courtesy: Malwarebytes

Who Is The Target?

Microsoft Edge Fails On Security

This script is designed to only display the malicious redirection to possible victims while disregarding irrelevant bots, VPNs, and geolocations that are irrelevant and should be presented as a benign website connected to the advertisement. Tech support scammers frequently utilize fake browser locking pages in this strategy to deceive unsuspecting customers.

What’s noteworthy is the use of cloud infrastructure, which makes it incredibly challenging to prevent. As a result, when viewing the News Feed while using Microsoft Edge, be cautious about the links you click. And if, after clicking on an article in the News Feed, you notice an alert on your browser, you should view it suspiciously.

Bonus Feature: Use T9 Real-Time Antivirus To Protect From Malware While Online

One of the best antivirus products available today is T9, which received iVB100 certification two years ago and currently holds it. The following are just a few of the many advantages of utilizing this program:

  • Threats like infections, zero-day threats, malware, Trojans, PUPs, adware, and more are all things that T9 antivirus defends against.
  • T9 Antivirus protects you from the most recent dangers by periodically installing the most recent database definition updates.
  • It aids in removing unnecessary startup applications.
  • Additionally, a StopAllAds module is included to prevent pop-ups when browsing.

The Final word On Microsoft Edge fails on security – promoting malicious websites

The bad news for Microsoft Edge is severe. The business is having trouble persuading consumers to switch from Google Chrome and has chosen to focus on security to entice users to test it over other browsers. Microsoft Edge adds a layer of protection to keep users safe while they browse.

However, it will be challenging for Microsoft to persuade users that Edge is safer than Chrome, given that it has been seen sending out questionable advertisements in its news feed. We can only hope that Microsoft improves and stops these attacks in the future.

Follow us on social media – Facebook, Instagram, and YouTube. Please contact us with any questions or ideas. We would be delighted to provide you with a resolution. We frequently publish advice, solutions, and guidance for common technological problems.

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe Now & Never Miss The Latest Tech Updates!

Enter your e-mail address and click the Subscribe button to receive great content and coupon codes for amazing discounts.

Don't Miss Out. Complete the subscription Now.