119 malicious Edge extensions flew under the radarThey installed harmful code days after extension installationIt's proof that static code review is no longer sufficientMicrosoft says it has taken down 119 malicious extensions from the Edge Add-ons store after "proactive threat hunting" revealed a campaign that's been dubbed StegoAd.As part of the program, the company also had to suspend more than 90 developer accounts associated with the dodgy activity.Believed to have been active since at least 2021, it's believed that the malicious browser extensions had been downloaded a total of 2.6 million times.Microsoft removes 119 'StegoAd' malicious extensionsThe campaign was so broad that the extensions didn't just occupy one category: ad blockers, VPNs, video downloaders, translators and utility tools like PDF exporters were all ploys for the malicious extensions.This particular campaign got its name from the type of tactic used – steganography is the name given to hiding malicious code inside seemingly harmless files. PNG images, SVG graphics and font files had hidden JavaScript embedded inside to bypass traditional antivirus tools and web filtering.Once installed, Microsoft says they remained dormant for three to five days to avoid detection before going on to steal browser credentials, redirect users to malicious websites, manipulate affiliate links for financial gain, download additional malicious code and even communicate with C2 servers for updated instructions."The StegoAd campaign demonstrates that browser extensions remain a potent and evolving attack surface," Microsoft wrote, admitting that even its own safeguards had missed these dodgy extensions.The report also concludes that static code review alone is no longer sufficient, because extensions and other installations can download malicious code long after they were first installed.For developers themselves, Microsoft recommends being as clear as possible by not obscuring code, requesting only the necessary permissions to build trust, and report any suspected impersonation.