Good article, thanks ronjor. I only use three extensions in Firefox, and they are in the "Recommended" category.
Can you perhaps explain what this Infatica company exactly did? How did they use extensions for malicious purposes?
From what I can gather, they pay extension authors to insert their code into the extension, so infatica customers who browse to a web site using the modified extension will look like the traffic is coming from an extension user, and not from the customer. A sort of anonymizing tool, I guess. In this case it's not malicious use, but because of the power that so many extensions have, a malicious author could re-code it for malicious purposes.
Thanks, I still don't get it to be honest. But yes, a malicious browser extension is always a risk, it's best to limit the amount of them as much as possible. Here's an interesting article: https://medium.com/redmorph/malicious-browser-extensions-what-you-should-know-cb7ecb477dbc
