Microsoft Edge extension used in ransomware attack
First reported on bleepingcomputer on June 25, 2026.
A malicious Microsoft Edge extension called 'Edgecution' was used in a ransomware attack to get around the browser's security and install a backdoor on the user's computer.
What it looks like
- ransomware attack
- backdoor installed
How to fix it
- Open Microsoft Edge.
- Click on the three dots in the upper right corner.
- Select 'Extensions'.
- Find the 'Edgecution' extension and click 'Remove'.
- Run a full virus scan on your computer.
Affected products
- microsoft-edge
Sources
- Malicious Edge extension abuses Native Messaging as bridge to malware — rss:bleepingcomputer
Search terms covered: microsoft edge ransomware, edgecution malware