A recurring theme in attacks like this is easily monetizing stolen extensions because Google has no customer service https://a9t9.com/blog/chrome-extension-adware/ …
-
-
Replying to @antumbral
It'll probably take ages for them to get it back, and it will only be recovered because a Googler saw it on HN, most likely
1 reply 1 retweet 2 likes -
Replying to @antumbral
Bonus points if after getting it back on their account, their dev account is permabanned for "distributing malware"
1 reply 2 retweets 4 likes -
Replying to @antumbral
The worst part is sometimes people sell their extensions to malware vendors, and most extensions have access to all URLs, including https
1 reply 0 retweets 5 likes -
Replying to @antumbral
Which means anyone who buys a popular extension could probably silently update it to snoop on your gmail.
2 replies 0 retweets 4 likes
Need selling/transferring ownership of extension without notifying distributor (Google) & 6mo waiting period to be ToS violation.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.