Chrome and Edge extensions laced with malware have already been installed three million times Malware hidden in at least 28 third-party GoogleChrome and Microsoft Edge extensions has been discovered by security researchers. The malware has the functionality to redirect user’s traffic to ads or phishing sites and to steal people’s personal data, such as birth dates, email addresses, and active devices, according to a report released by cybersecurity firm Avast. Researchers have said that up to three million users could be affected by the malware. The malware in question masquerades as legitimate extensions that help download videos from Instagram, Facebook, Vimeo, and other social platforms. The researchers have identified malicious code in the JavaScript-based extensions that allow the plugins to download further malware onto a user’s PC.