| ▲ | honzaik 6 hours ago | |
well if they have evidence why they dont report it? why are these extensions on the store? im sure linkedin has enough motion to report it directly to google also, having a PQC enabled extension doesnt seem like a good "large user base capture" tactic. the source code is as usual obfuscated react but that doesnt mean its malicious... EDIT: i debuged the extension quickly and it doesnt seem to do anything malicious. it only sends https://pqc-extension.vercel.app/?hostname=[domain] request to this backend to which it has permissions. it doesnt seem to exfiltrate anything else. it might get triggered later but it has very limited permissions anyway so it doesnt seem to be a malicious extension. (but im no expert) | ||