My wife installed an addon to be able to post Instagram posts from her laptop, and then suddenly clicking on google search results would sometimes, but not always hijack and redirect to bing, and then click on one of the ads. But it was clever because it only happened sometimes, and if she retried it it didn't happen, so whenever she would try to show me, it didn't happen. I just removed all her addons and the problem went way, so not sure which one it was.
It's things like this that make me a lot more reluctant to install extensions that might be moderately convenient. Maybe they're okay now, but it's too much of a burden to keep track of what I have installed and which ones are known to be doing something nasty.
Another loser in this whole game is the honest hobby extension developers, who have to deal with the power-users who might promote their extensions not wanting to bother for fear of not being able to keep a watch for potential malicious updates for all of them.
I was just thinking about something similar. It would be nice if at a minimum, we could put together a list of compromised extensions. I feel like I've seen quite a few of these reports recently
It should be possible to look at the source code of known compromised extensions and put together a list of heuristics that could automate part of the process. Minifiers make it more difficult though.
You should be able to do some of that at the debug console level. But otherwise you're stuck tracking traffic at page level, at least as far as I know.
- Auto Refresh Premium, static.trckljanalytic.com
- Stream Video Downloader, static.trckpath.com
- Custom Feed for Facebook, api.trackized.com
- Notifications for Instagram, pc.findanalytic.com
- Flash Video Downloader, static.trackivation.com
- Ratings Preview for YouTube, cdn.webtraanalytica.com
Copied from https://github.com/greatsuspender/thegreatsuspender/issues/1...